@azure/msal-browser 5.6.3 → 5.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -1
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +2 -2
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.d.ts +1 -0
- package/dist/cache/CacheKeys.d.ts.map +1 -1
- package/dist/cache/CacheKeys.mjs +3 -2
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +16 -0
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +150 -20
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +2 -2
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.d.ts +1 -0
- package/dist/custom-auth-path/cache/CacheKeys.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +3 -2
- package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +16 -0
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +150 -20
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -4
- package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +32 -19
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +6 -2
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +6 -2
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +45 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +47 -15
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +8 -3
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.d.ts.map +1 -1
- package/dist/error/NativeAuthError.mjs +3 -4
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +32 -19
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +6 -2
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +6 -2
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +45 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +47 -15
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +5 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.d.ts +1 -0
- package/dist/redirect-bridge/cache/CacheKeys.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +7 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts +16 -0
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/error/NativeAuthError.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/protocol/Authorize.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +11 -7
- package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +7 -3
- package/dist/redirect-bridge/utils/BrowserConstants.mjs.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect_bridge/index.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +10 -3
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +47 -15
- package/lib/custom-auth-path/msal-custom-auth.cjs +334 -133
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/lib/custom-auth-path/types/cache/CacheKeys.d.ts +1 -0
- package/lib/custom-auth-path/types/cache/CacheKeys.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +16 -0
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +14 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +47 -15
- package/lib/msal-browser.cjs +343 -138
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +343 -138
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +24 -16
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/lib/types/cache/CacheKeys.d.ts +1 -0
- package/lib/types/cache/CacheKeys.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +16 -0
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +14 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +1 -1
- package/src/cache/CacheKeys.ts +1 -0
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +233 -35
- package/src/error/NativeAuthError.ts +1 -2
- package/src/interaction_client/PlatformAuthInteractionClient.ts +44 -23
- package/src/interaction_client/PopupClient.ts +10 -0
- package/src/interaction_client/RedirectClient.ts +10 -0
- package/src/interaction_client/SilentIframeClient.ts +123 -20
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +8 -0
- package/src/redirect_bridge/index.ts +12 -5
- package/src/telemetry/BrowserPerformanceEvents.ts +3 -0
- package/src/telemetry/BrowserRootPerformanceEvents.ts +7 -0
|
@@ -23,6 +23,7 @@ import {
|
|
|
23
23
|
Logger,
|
|
24
24
|
PerformanceEvents,
|
|
25
25
|
PopTokenGenerator,
|
|
26
|
+
RequestParameterBuilder,
|
|
26
27
|
ScopeSet,
|
|
27
28
|
ServerTelemetryManager,
|
|
28
29
|
SignedHttpRequestParameters,
|
|
@@ -166,7 +167,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
166
167
|
// start the perf measurement
|
|
167
168
|
const nativeATMeasurement = this.performanceClient.startMeasurement(
|
|
168
169
|
BrowserPerformanceEvents.NativeInteractionClientAcquireToken,
|
|
169
|
-
|
|
170
|
+
this.correlationId
|
|
170
171
|
);
|
|
171
172
|
const reqTimestamp = TimeUtils.nowSeconds();
|
|
172
173
|
|
|
@@ -180,7 +181,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
180
181
|
|
|
181
182
|
try {
|
|
182
183
|
// initialize native request
|
|
183
|
-
const nativeRequest = await this.
|
|
184
|
+
const nativeRequest = await this.initializePlatformRequest(request);
|
|
184
185
|
|
|
185
186
|
// check if the tokens can be retrieved from internal cache
|
|
186
187
|
try {
|
|
@@ -200,6 +201,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
200
201
|
"MSAL internal Cache does not contain tokens, return error as per cache policy",
|
|
201
202
|
this.correlationId
|
|
202
203
|
);
|
|
204
|
+
nativeATMeasurement.end({
|
|
205
|
+
success: false,
|
|
206
|
+
brokerErrorCode: "cache_request_failed",
|
|
207
|
+
});
|
|
203
208
|
throw e;
|
|
204
209
|
}
|
|
205
210
|
// continue with a native call for any and all errors
|
|
@@ -231,7 +236,6 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
231
236
|
success: false,
|
|
232
237
|
errorCode: error.errorCode,
|
|
233
238
|
subErrorCode: error.subError,
|
|
234
|
-
isNativeBroker: true,
|
|
235
239
|
});
|
|
236
240
|
throw error;
|
|
237
241
|
});
|
|
@@ -239,6 +243,9 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
239
243
|
if (e instanceof NativeAuthError) {
|
|
240
244
|
serverTelemetryManager.setNativeBrokerErrorCode(e.errorCode);
|
|
241
245
|
}
|
|
246
|
+
nativeATMeasurement.end({
|
|
247
|
+
success: false,
|
|
248
|
+
});
|
|
242
249
|
throw e;
|
|
243
250
|
}
|
|
244
251
|
}
|
|
@@ -284,7 +291,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
284
291
|
{
|
|
285
292
|
nativeAccountId,
|
|
286
293
|
},
|
|
287
|
-
|
|
294
|
+
this.correlationId
|
|
288
295
|
);
|
|
289
296
|
|
|
290
297
|
if (!account) {
|
|
@@ -332,7 +339,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
332
339
|
this.correlationId
|
|
333
340
|
);
|
|
334
341
|
|
|
335
|
-
const nativeRequest = await this.
|
|
342
|
+
const nativeRequest = await this.initializePlatformRequest(request);
|
|
336
343
|
const navigateToLoginRequestUrl =
|
|
337
344
|
options?.navigateToLoginRequestUrl ?? true;
|
|
338
345
|
|
|
@@ -385,10 +392,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
385
392
|
* @param performanceClient {IPerformanceClient?}
|
|
386
393
|
* @param correlationId {string?} correlation identifier
|
|
387
394
|
*/
|
|
388
|
-
async handleRedirectPromise(
|
|
389
|
-
performanceClient?: IPerformanceClient,
|
|
390
|
-
correlationId?: string
|
|
391
|
-
): Promise<AuthenticationResult | null> {
|
|
395
|
+
async handleRedirectPromise(): Promise<AuthenticationResult | null> {
|
|
392
396
|
this.logger.trace(
|
|
393
397
|
"NativeInteractionClient - handleRedirectPromise called.",
|
|
394
398
|
this.correlationId
|
|
@@ -408,12 +412,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
408
412
|
"NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null.",
|
|
409
413
|
this.correlationId
|
|
410
414
|
);
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
);
|
|
416
|
-
}
|
|
415
|
+
this.performanceClient?.addFields(
|
|
416
|
+
{ errorCode: "no_cached_request" },
|
|
417
|
+
this.correlationId
|
|
418
|
+
);
|
|
417
419
|
return null;
|
|
418
420
|
}
|
|
419
421
|
|
|
@@ -454,6 +456,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
454
456
|
this.logger
|
|
455
457
|
);
|
|
456
458
|
serverTelemetryManager.clearNativeBrokerErrorCode();
|
|
459
|
+
this.performanceClient?.addFields(
|
|
460
|
+
{ isNativeBroker: true },
|
|
461
|
+
this.correlationId
|
|
462
|
+
);
|
|
457
463
|
return authResult;
|
|
458
464
|
} catch (e) {
|
|
459
465
|
throw e;
|
|
@@ -936,23 +942,38 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
936
942
|
* Translates developer provided request object into NativeRequest object
|
|
937
943
|
* @param request
|
|
938
944
|
*/
|
|
939
|
-
protected async
|
|
945
|
+
protected async initializePlatformRequest(
|
|
940
946
|
request: PopupRequest | SsoSilentRequest
|
|
941
947
|
): Promise<PlatformAuthRequest> {
|
|
942
948
|
this.logger.trace(
|
|
943
|
-
"NativeInteractionClient -
|
|
949
|
+
"NativeInteractionClient - initializePlatformRequest called",
|
|
944
950
|
this.correlationId
|
|
945
951
|
);
|
|
946
952
|
|
|
947
953
|
const canonicalAuthority = await this.getCanonicalAuthority(request);
|
|
948
954
|
|
|
955
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
956
|
+
const configClaims =
|
|
957
|
+
request.skipBrokerClaims && !!request.embeddedClientId
|
|
958
|
+
? undefined
|
|
959
|
+
: this.config.auth.clientCapabilities;
|
|
960
|
+
|
|
949
961
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
950
|
-
const { scopes, ...remainingProperties } = request;
|
|
962
|
+
const { scopes, claims, ...remainingProperties } = request;
|
|
951
963
|
const scopeSet = new ScopeSet(scopes || []);
|
|
952
964
|
scopeSet.appendScopes(Constants.OIDC_DEFAULT_SCOPES);
|
|
953
965
|
|
|
966
|
+
const mergedClaims =
|
|
967
|
+
configClaims && configClaims.length
|
|
968
|
+
? RequestParameterBuilder.addClientCapabilitiesToClaims(
|
|
969
|
+
claims,
|
|
970
|
+
configClaims
|
|
971
|
+
)
|
|
972
|
+
: claims;
|
|
973
|
+
|
|
954
974
|
const validatedRequest: PlatformAuthRequest = {
|
|
955
975
|
...remainingProperties,
|
|
976
|
+
claims: mergedClaims,
|
|
956
977
|
accountId: this.accountId,
|
|
957
978
|
clientId: this.config.auth.clientId,
|
|
958
979
|
authority: canonicalAuthority.urlString,
|
|
@@ -1066,7 +1087,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1066
1087
|
case ApiId.ssoSilent:
|
|
1067
1088
|
case ApiId.acquireTokenSilent_silentFlow:
|
|
1068
1089
|
this.logger.trace(
|
|
1069
|
-
"
|
|
1090
|
+
"initializePlatformRequest: silent request sets prompt to none",
|
|
1070
1091
|
this.correlationId
|
|
1071
1092
|
);
|
|
1072
1093
|
return Constants.PromptValue.NONE;
|
|
@@ -1077,7 +1098,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1077
1098
|
// Prompt not provided, request may proceed and native broker decides if it needs to prompt
|
|
1078
1099
|
if (!prompt) {
|
|
1079
1100
|
this.logger.trace(
|
|
1080
|
-
"
|
|
1101
|
+
"initializePlatformRequest: prompt was not provided",
|
|
1081
1102
|
this.correlationId
|
|
1082
1103
|
);
|
|
1083
1104
|
return undefined;
|
|
@@ -1089,13 +1110,13 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1089
1110
|
case Constants.PromptValue.CONSENT:
|
|
1090
1111
|
case Constants.PromptValue.LOGIN:
|
|
1091
1112
|
this.logger.trace(
|
|
1092
|
-
"
|
|
1113
|
+
"initializePlatformRequest: prompt is compatible with native flow",
|
|
1093
1114
|
this.correlationId
|
|
1094
1115
|
);
|
|
1095
1116
|
return prompt;
|
|
1096
1117
|
default:
|
|
1097
1118
|
this.logger.trace(
|
|
1098
|
-
`
|
|
1119
|
+
`initializePlatformRequest: prompt = '${prompt}' is not compatible with native flow`,
|
|
1099
1120
|
this.correlationId
|
|
1100
1121
|
);
|
|
1101
1122
|
throw createBrowserAuthError(
|
|
@@ -1149,7 +1170,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1149
1170
|
embeddedClientId: child_client_id,
|
|
1150
1171
|
embeddedRedirectUri: child_redirect_uri,
|
|
1151
1172
|
},
|
|
1152
|
-
|
|
1173
|
+
this.correlationId
|
|
1153
1174
|
);
|
|
1154
1175
|
}
|
|
1155
1176
|
}
|
|
@@ -18,6 +18,7 @@ import {
|
|
|
18
18
|
invoke,
|
|
19
19
|
PkceCodes,
|
|
20
20
|
CommonAuthorizationUrlRequest,
|
|
21
|
+
ProtocolUtils,
|
|
21
22
|
} from "@azure/msal-common/browser";
|
|
22
23
|
import {
|
|
23
24
|
initializeAuthorizationRequest,
|
|
@@ -762,6 +763,15 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
762
763
|
}
|
|
763
764
|
}
|
|
764
765
|
|
|
766
|
+
// Redirect bridge requires "state" param to work properly
|
|
767
|
+
validRequest.state = ProtocolUtils.setRequestState(
|
|
768
|
+
this.browserCrypto,
|
|
769
|
+
validRequest.state || "",
|
|
770
|
+
{
|
|
771
|
+
interactionType: InteractionType.Popup,
|
|
772
|
+
}
|
|
773
|
+
);
|
|
774
|
+
|
|
765
775
|
// Create logout string and navigate user window to logout.
|
|
766
776
|
const logoutUri: string = authClient.getLogoutUri(validRequest);
|
|
767
777
|
|
|
@@ -19,6 +19,7 @@ import {
|
|
|
19
19
|
UrlUtils,
|
|
20
20
|
InProgressPerformanceEvent,
|
|
21
21
|
CommonAuthorizationUrlRequest,
|
|
22
|
+
ProtocolUtils,
|
|
22
23
|
} from "@azure/msal-common/browser";
|
|
23
24
|
import {
|
|
24
25
|
initializeAuthorizationRequest,
|
|
@@ -870,6 +871,15 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
870
871
|
}
|
|
871
872
|
}
|
|
872
873
|
|
|
874
|
+
// Redirect bridge requires "state" param to work properly
|
|
875
|
+
validLogoutRequest.state = ProtocolUtils.setRequestState(
|
|
876
|
+
this.browserCrypto,
|
|
877
|
+
validLogoutRequest.state || "",
|
|
878
|
+
{
|
|
879
|
+
interactionType: InteractionType.Redirect,
|
|
880
|
+
}
|
|
881
|
+
);
|
|
882
|
+
|
|
873
883
|
// Create logout string and navigate user window to logout.
|
|
874
884
|
const logoutUri: string =
|
|
875
885
|
authClient.getLogoutUri(validLogoutRequest);
|
|
@@ -15,6 +15,8 @@ import {
|
|
|
15
15
|
invoke,
|
|
16
16
|
ProtocolMode,
|
|
17
17
|
CommonAuthorizationUrlRequest,
|
|
18
|
+
AuthorizeProtocol,
|
|
19
|
+
PkceCodes,
|
|
18
20
|
} from "@azure/msal-common/browser";
|
|
19
21
|
import {
|
|
20
22
|
initializeAuthorizationRequest,
|
|
@@ -392,6 +394,85 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
392
394
|
}
|
|
393
395
|
}
|
|
394
396
|
|
|
397
|
+
/**
|
|
398
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
399
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
400
|
+
* @param request - The SSO silent request
|
|
401
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
402
|
+
*/
|
|
403
|
+
async verifySso(request: SsoSilentRequest): Promise<boolean> {
|
|
404
|
+
const inputRequest = { ...request };
|
|
405
|
+
if (!inputRequest.prompt) {
|
|
406
|
+
inputRequest.prompt = Constants.PromptValue.NONE;
|
|
407
|
+
}
|
|
408
|
+
|
|
409
|
+
// Create silent request
|
|
410
|
+
const silentRequest: CommonAuthorizationUrlRequest = await invokeAsync(
|
|
411
|
+
initializeAuthorizationRequest,
|
|
412
|
+
BrowserPerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest,
|
|
413
|
+
this.logger,
|
|
414
|
+
this.performanceClient,
|
|
415
|
+
this.correlationId
|
|
416
|
+
)(
|
|
417
|
+
inputRequest,
|
|
418
|
+
InteractionType.Silent,
|
|
419
|
+
this.config,
|
|
420
|
+
this.browserCrypto,
|
|
421
|
+
this.browserStorage,
|
|
422
|
+
this.logger,
|
|
423
|
+
this.performanceClient,
|
|
424
|
+
this.correlationId
|
|
425
|
+
);
|
|
426
|
+
|
|
427
|
+
const authClient: AuthorizationCodeClient = await invokeAsync(
|
|
428
|
+
this.createAuthCodeClient.bind(this),
|
|
429
|
+
BrowserPerformanceEvents.StandardInteractionClientCreateAuthCodeClient,
|
|
430
|
+
this.logger,
|
|
431
|
+
this.performanceClient,
|
|
432
|
+
this.correlationId
|
|
433
|
+
)({
|
|
434
|
+
serverTelemetryManager: initializeServerTelemetryManager(
|
|
435
|
+
this.apiId,
|
|
436
|
+
this.config.auth.clientId,
|
|
437
|
+
this.correlationId,
|
|
438
|
+
this.browserStorage,
|
|
439
|
+
this.logger
|
|
440
|
+
),
|
|
441
|
+
requestAuthority: silentRequest.authority,
|
|
442
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
443
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
444
|
+
account: silentRequest.account,
|
|
445
|
+
});
|
|
446
|
+
|
|
447
|
+
const { serverParams } = await this.silentAuthorizeHelper(
|
|
448
|
+
authClient,
|
|
449
|
+
silentRequest
|
|
450
|
+
);
|
|
451
|
+
|
|
452
|
+
const correlationId = silentRequest.correlationId;
|
|
453
|
+
|
|
454
|
+
// Validate the response - this checks for errors and validates state
|
|
455
|
+
AuthorizeProtocol.validateAuthorizationResponse(
|
|
456
|
+
serverParams,
|
|
457
|
+
silentRequest.state
|
|
458
|
+
);
|
|
459
|
+
|
|
460
|
+
// Verify a valid authorization code is present
|
|
461
|
+
if (!serverParams.code) {
|
|
462
|
+
this.logger.warning(
|
|
463
|
+
"SSO verification response did not contain an authorization code",
|
|
464
|
+
correlationId
|
|
465
|
+
);
|
|
466
|
+
return false;
|
|
467
|
+
}
|
|
468
|
+
|
|
469
|
+
this.logger.verbose(
|
|
470
|
+
"SSO verification completed successfully with valid authorization code - skipped token exchange",
|
|
471
|
+
correlationId
|
|
472
|
+
);
|
|
473
|
+
return true;
|
|
474
|
+
}
|
|
475
|
+
|
|
395
476
|
/**
|
|
396
477
|
* Currently Unsupported
|
|
397
478
|
*/
|
|
@@ -414,6 +495,47 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
414
495
|
authClient: AuthorizationCodeClient,
|
|
415
496
|
request: CommonAuthorizationUrlRequest
|
|
416
497
|
): Promise<AuthenticationResult> {
|
|
498
|
+
const { serverParams, pkceCodes } = await this.silentAuthorizeHelper(
|
|
499
|
+
authClient,
|
|
500
|
+
request
|
|
501
|
+
);
|
|
502
|
+
|
|
503
|
+
return invokeAsync(
|
|
504
|
+
Authorize.handleResponseCode,
|
|
505
|
+
BrowserPerformanceEvents.HandleResponseCode,
|
|
506
|
+
this.logger,
|
|
507
|
+
this.performanceClient,
|
|
508
|
+
request.correlationId
|
|
509
|
+
)(
|
|
510
|
+
request,
|
|
511
|
+
serverParams,
|
|
512
|
+
pkceCodes.verifier,
|
|
513
|
+
this.apiId,
|
|
514
|
+
this.config,
|
|
515
|
+
authClient,
|
|
516
|
+
this.browserStorage,
|
|
517
|
+
this.nativeStorage,
|
|
518
|
+
this.eventHandler,
|
|
519
|
+
this.logger,
|
|
520
|
+
this.performanceClient,
|
|
521
|
+
this.platformAuthProvider
|
|
522
|
+
);
|
|
523
|
+
}
|
|
524
|
+
|
|
525
|
+
/**
|
|
526
|
+
* Shared helper that generates PKCE codes, builds the /authorize URL,
|
|
527
|
+
* loads it in a hidden iframe, waits for the redirect-bridge response,
|
|
528
|
+
* and returns the deserialized server parameters along with the PKCE codes
|
|
529
|
+
* and the request that was sent.
|
|
530
|
+
*/
|
|
531
|
+
private async silentAuthorizeHelper(
|
|
532
|
+
authClient: AuthorizationCodeClient,
|
|
533
|
+
request: CommonAuthorizationUrlRequest
|
|
534
|
+
): Promise<{
|
|
535
|
+
serverParams: ReturnType<typeof ResponseHandler.deserializeResponse>;
|
|
536
|
+
pkceCodes: PkceCodes;
|
|
537
|
+
silentRequest: CommonAuthorizationUrlRequest;
|
|
538
|
+
}> {
|
|
417
539
|
const correlationId = request.correlationId;
|
|
418
540
|
const pkceCodes = await invokeAsync(
|
|
419
541
|
generatePkceCodes,
|
|
@@ -505,25 +627,6 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
505
627
|
correlationId
|
|
506
628
|
)(responseString, responseType, this.logger, this.correlationId);
|
|
507
629
|
|
|
508
|
-
return
|
|
509
|
-
Authorize.handleResponseCode,
|
|
510
|
-
BrowserPerformanceEvents.HandleResponseCode,
|
|
511
|
-
this.logger,
|
|
512
|
-
this.performanceClient,
|
|
513
|
-
correlationId
|
|
514
|
-
)(
|
|
515
|
-
request,
|
|
516
|
-
serverParams,
|
|
517
|
-
pkceCodes.verifier,
|
|
518
|
-
this.apiId,
|
|
519
|
-
this.config,
|
|
520
|
-
authClient,
|
|
521
|
-
this.browserStorage,
|
|
522
|
-
this.nativeStorage,
|
|
523
|
-
this.eventHandler,
|
|
524
|
-
this.logger,
|
|
525
|
-
this.performanceClient,
|
|
526
|
-
this.platformAuthProvider
|
|
527
|
-
);
|
|
630
|
+
return { serverParams, pkceCodes, silentRequest };
|
|
528
631
|
}
|
|
529
632
|
}
|
package/src/packageMetadata.ts
CHANGED
|
@@ -176,6 +176,14 @@ async function getStandardParameters(
|
|
|
176
176
|
// signal ests that this is a WAM call
|
|
177
177
|
RequestParameterBuilder.addNativeBroker(parameters);
|
|
178
178
|
|
|
179
|
+
// instrument JS-platform bridge specific fields
|
|
180
|
+
performanceClient.addFields(
|
|
181
|
+
{
|
|
182
|
+
isPlatformAuthorizeRequest: true,
|
|
183
|
+
},
|
|
184
|
+
request.correlationId
|
|
185
|
+
);
|
|
186
|
+
|
|
179
187
|
// pass the req_cnf for POP
|
|
180
188
|
if (
|
|
181
189
|
request.authenticationScheme === Constants.AuthenticationScheme.POP
|
|
@@ -7,6 +7,7 @@ import { parseAuthResponseFromUrl } from "../utils/BrowserUtils.js";
|
|
|
7
7
|
import * as BrowserUtils from "../utils/BrowserUtils.js";
|
|
8
8
|
import {
|
|
9
9
|
ApiId,
|
|
10
|
+
INTERACTION_TYPE,
|
|
10
11
|
InteractionType,
|
|
11
12
|
TemporaryCacheKeys,
|
|
12
13
|
} from "../utils/BrowserConstants.js";
|
|
@@ -59,14 +60,10 @@ export async function broadcastResponseToMainFrame(
|
|
|
59
60
|
|
|
60
61
|
if (meta["interactionType"] === InteractionType.Redirect) {
|
|
61
62
|
const navClient = navigationClient || new NavigationClient();
|
|
62
|
-
const navigationOptions: NavigationOptions = {
|
|
63
|
-
apiId: ApiId.handleRedirectPromise,
|
|
64
|
-
noHistory: true,
|
|
65
|
-
timeout: DEFAULT_REDIRECT_TIMEOUT_MS,
|
|
66
|
-
};
|
|
67
63
|
|
|
68
64
|
let navigateToUrl = "";
|
|
69
65
|
let clientId = "";
|
|
66
|
+
let interactionType = "";
|
|
70
67
|
const interactionKey = `${PREFIX}.${TemporaryCacheKeys.INTERACTION_STATUS_KEY}`;
|
|
71
68
|
/*
|
|
72
69
|
* Retrieve the clientId and original navigation URL from
|
|
@@ -78,6 +75,7 @@ export async function broadcastResponseToMainFrame(
|
|
|
78
75
|
window.sessionStorage.getItem(interactionKey);
|
|
79
76
|
const interactionStatus = JSON.parse(rawInteractionStatus || "");
|
|
80
77
|
clientId = interactionStatus.clientId || "";
|
|
78
|
+
interactionType = interactionStatus.type;
|
|
81
79
|
|
|
82
80
|
if (clientId) {
|
|
83
81
|
const originKey = `${PREFIX}.${clientId}.${TemporaryCacheKeys.ORIGIN_URI}`;
|
|
@@ -87,6 +85,15 @@ export async function broadcastResponseToMainFrame(
|
|
|
87
85
|
// sessionStorage access or JSON.parse failed
|
|
88
86
|
}
|
|
89
87
|
|
|
88
|
+
const navigationOptions: NavigationOptions = {
|
|
89
|
+
apiId:
|
|
90
|
+
interactionType === INTERACTION_TYPE.SIGNOUT
|
|
91
|
+
? ApiId.logout
|
|
92
|
+
: ApiId.handleRedirectPromise,
|
|
93
|
+
noHistory: true,
|
|
94
|
+
timeout: DEFAULT_REDIRECT_TIMEOUT_MS,
|
|
95
|
+
};
|
|
96
|
+
|
|
90
97
|
/*
|
|
91
98
|
* Cache the auth response payload in sessionStorage under the URL_HASH
|
|
92
99
|
* key, then navigate directly to the origin URL. This replicates what
|
|
@@ -75,6 +75,9 @@ export const FetchAccountIdWithNativeBroker = "fetchAccountIdWithNativeBroker";
|
|
|
75
75
|
export const NativeInteractionClientAcquireToken =
|
|
76
76
|
"nativeInteractionClientAcquireToken";
|
|
77
77
|
|
|
78
|
+
export const NativeInteractionClientAcquireTokenRedirect =
|
|
79
|
+
"nativeInteractionClientAcquireToken";
|
|
80
|
+
|
|
78
81
|
/**
|
|
79
82
|
* Time spent creating default headers for requests to token endpoint
|
|
80
83
|
*/
|
|
@@ -41,3 +41,10 @@ export const InitializeClientApplication = "initializeClientApplication";
|
|
|
41
41
|
export const LocalStorageUpdated = "localStorageUpdated";
|
|
42
42
|
// Load external tokens
|
|
43
43
|
export const LoadExternalTokens = "loadExternalTokens";
|
|
44
|
+
/**
|
|
45
|
+
* SSO capability verification call (msal-browser).
|
|
46
|
+
* Fire-and-forget SSO verification call made after interactive authentication completes.
|
|
47
|
+
*/
|
|
48
|
+
export const SsoCapable = "ssoCapable";
|
|
49
|
+
// Wait for late response from bridge after timeout has already occurred
|
|
50
|
+
export const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
|