@azure/msal-common 14.13.1 → 14.14.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (193) hide show
  1. package/dist/account/AccountInfo.d.ts +66 -66
  2. package/dist/account/AccountInfo.mjs +77 -77
  3. package/dist/account/AuthToken.d.ts +17 -17
  4. package/dist/account/AuthToken.mjs +58 -58
  5. package/dist/account/CcsCredential.d.ts +9 -9
  6. package/dist/account/CcsCredential.mjs +8 -8
  7. package/dist/account/ClientCredentials.d.ts +19 -19
  8. package/dist/account/ClientInfo.d.ts +18 -18
  9. package/dist/account/ClientInfo.mjs +37 -37
  10. package/dist/account/TokenClaims.d.ts +83 -83
  11. package/dist/account/TokenClaims.mjs +20 -20
  12. package/dist/authority/Authority.d.ts +254 -254
  13. package/dist/authority/Authority.mjs +836 -836
  14. package/dist/authority/AuthorityFactory.d.ts +18 -18
  15. package/dist/authority/AuthorityFactory.mjs +28 -28
  16. package/dist/authority/AuthorityMetadata.d.ts +43 -43
  17. package/dist/authority/AuthorityMetadata.mjs +137 -137
  18. package/dist/authority/AuthorityOptions.d.ts +27 -27
  19. package/dist/authority/AuthorityOptions.mjs +18 -18
  20. package/dist/authority/AuthorityType.d.ts +10 -10
  21. package/dist/authority/AuthorityType.mjs +13 -13
  22. package/dist/authority/AzureRegion.d.ts +1 -1
  23. package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
  24. package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
  25. package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
  26. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
  27. package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
  28. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
  29. package/dist/authority/ImdsOptions.d.ts +5 -5
  30. package/dist/authority/OIDCOptions.d.ts +8 -8
  31. package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
  32. package/dist/authority/OpenIdConfigResponse.mjs +10 -10
  33. package/dist/authority/ProtocolMode.d.ts +8 -8
  34. package/dist/authority/ProtocolMode.mjs +11 -11
  35. package/dist/authority/RegionDiscovery.d.ts +32 -32
  36. package/dist/authority/RegionDiscovery.mjs +106 -106
  37. package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
  38. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
  39. package/dist/cache/CacheManager.d.ts +497 -497
  40. package/dist/cache/CacheManager.mjs +1249 -1249
  41. package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
  42. package/dist/cache/entities/AccountEntity.d.ts +106 -106
  43. package/dist/cache/entities/AccountEntity.mjs +240 -240
  44. package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
  45. package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
  46. package/dist/cache/entities/CacheRecord.d.ts +13 -13
  47. package/dist/cache/entities/CredentialEntity.d.ts +30 -30
  48. package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
  49. package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
  50. package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -5
  51. package/dist/cache/entities/ServerTelemetryEntity.d.ts.map +1 -1
  52. package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
  53. package/dist/cache/interface/ICacheManager.d.ts +166 -166
  54. package/dist/cache/interface/ICachePlugin.d.ts +5 -5
  55. package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
  56. package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
  57. package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
  58. package/dist/cache/utils/CacheHelpers.d.ts +94 -94
  59. package/dist/cache/utils/CacheHelpers.mjs +324 -324
  60. package/dist/cache/utils/CacheTypes.d.ts +69 -69
  61. package/dist/client/AuthorizationCodeClient.d.ts +74 -74
  62. package/dist/client/AuthorizationCodeClient.mjs +420 -420
  63. package/dist/client/BaseClient.d.ts +51 -51
  64. package/dist/client/BaseClient.mjs +100 -100
  65. package/dist/client/RefreshTokenClient.d.ts +35 -35
  66. package/dist/client/RefreshTokenClient.mjs +211 -211
  67. package/dist/client/SilentFlowClient.d.ts +27 -27
  68. package/dist/client/SilentFlowClient.mjs +133 -133
  69. package/dist/config/AppTokenProvider.d.ts +38 -38
  70. package/dist/config/ClientConfiguration.d.ts +150 -150
  71. package/dist/config/ClientConfiguration.mjs +95 -95
  72. package/dist/constants/AADServerParamKeys.d.ts +53 -52
  73. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  74. package/dist/constants/AADServerParamKeys.mjs +59 -58
  75. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  76. package/dist/crypto/ICrypto.d.ts +68 -68
  77. package/dist/crypto/ICrypto.mjs +36 -36
  78. package/dist/crypto/IGuidGenerator.d.ts +4 -4
  79. package/dist/crypto/JoseHeader.d.ts +22 -22
  80. package/dist/crypto/JoseHeader.mjs +37 -37
  81. package/dist/crypto/PopTokenGenerator.d.ts +59 -59
  82. package/dist/crypto/PopTokenGenerator.mjs +81 -81
  83. package/dist/crypto/SignedHttpRequest.d.ts +15 -15
  84. package/dist/error/AuthError.d.ts +44 -44
  85. package/dist/error/AuthError.mjs +46 -46
  86. package/dist/error/AuthErrorCodes.d.ts +5 -5
  87. package/dist/error/AuthErrorCodes.mjs +9 -9
  88. package/dist/error/CacheError.d.ts +20 -20
  89. package/dist/error/CacheError.mjs +24 -24
  90. package/dist/error/CacheErrorCodes.d.ts +2 -2
  91. package/dist/error/CacheErrorCodes.mjs +6 -6
  92. package/dist/error/ClientAuthError.d.ts +237 -237
  93. package/dist/error/ClientAuthError.mjs +249 -249
  94. package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
  95. package/dist/error/ClientAuthErrorCodes.mjs +48 -48
  96. package/dist/error/ClientConfigurationError.d.ts +128 -128
  97. package/dist/error/ClientConfigurationError.mjs +135 -135
  98. package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
  99. package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
  100. package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
  101. package/dist/error/InteractionRequiredAuthError.mjs +85 -85
  102. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
  103. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
  104. package/dist/error/JoseHeaderError.d.ts +15 -15
  105. package/dist/error/JoseHeaderError.mjs +22 -22
  106. package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
  107. package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
  108. package/dist/error/ServerError.d.ts +15 -15
  109. package/dist/error/ServerError.mjs +16 -16
  110. package/dist/index.cjs +8664 -8599
  111. package/dist/index.cjs.map +1 -1
  112. package/dist/index.d.ts +107 -107
  113. package/dist/index.mjs +1 -1
  114. package/dist/logger/Logger.d.ts +95 -95
  115. package/dist/logger/Logger.mjs +188 -188
  116. package/dist/network/INetworkModule.d.ts +29 -29
  117. package/dist/network/INetworkModule.mjs +12 -12
  118. package/dist/network/NetworkManager.d.ts +33 -33
  119. package/dist/network/NetworkManager.mjs +34 -34
  120. package/dist/network/RequestThumbprint.d.ts +18 -18
  121. package/dist/network/ThrottlingUtils.d.ts +42 -42
  122. package/dist/network/ThrottlingUtils.mjs +95 -95
  123. package/dist/packageMetadata.d.ts +2 -2
  124. package/dist/packageMetadata.mjs +4 -4
  125. package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
  126. package/dist/request/AuthenticationHeaderParser.mjs +55 -55
  127. package/dist/request/BaseAuthRequest.d.ts +47 -47
  128. package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
  129. package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
  130. package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
  131. package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
  132. package/dist/request/CommonEndSessionRequest.d.ts +21 -21
  133. package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
  134. package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
  135. package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
  136. package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
  137. package/dist/request/NativeRequest.d.ts +19 -19
  138. package/dist/request/NativeSignOutRequest.d.ts +5 -5
  139. package/dist/request/RequestParameterBuilder.d.ts +217 -217
  140. package/dist/request/RequestParameterBuilder.mjs +382 -382
  141. package/dist/request/RequestValidator.d.ts +27 -27
  142. package/dist/request/RequestValidator.mjs +64 -64
  143. package/dist/request/ScopeSet.d.ts +88 -88
  144. package/dist/request/ScopeSet.mjs +197 -197
  145. package/dist/request/StoreInCache.d.ts +8 -8
  146. package/dist/response/AuthenticationResult.d.ts +41 -41
  147. package/dist/response/AuthorizationCodePayload.d.ts +13 -13
  148. package/dist/response/DeviceCodeResponse.d.ts +25 -25
  149. package/dist/response/ExternalTokenResponse.d.ts +15 -15
  150. package/dist/response/IMDSBadResponse.d.ts +4 -4
  151. package/dist/response/ResponseHandler.d.ts +69 -69
  152. package/dist/response/ResponseHandler.mjs +374 -374
  153. package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
  154. package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
  155. package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
  156. package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
  157. package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
  158. package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
  159. package/dist/telemetry/performance/PerformanceEvent.d.ts +515 -505
  160. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  161. package/dist/telemetry/performance/PerformanceEvent.mjs +484 -480
  162. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  163. package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
  164. package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
  165. package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -66
  166. package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  167. package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -201
  168. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  169. package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
  170. package/dist/url/IUri.d.ts +12 -12
  171. package/dist/url/UrlString.d.ts +48 -48
  172. package/dist/url/UrlString.mjs +161 -161
  173. package/dist/utils/ClientAssertionUtils.d.ts +2 -2
  174. package/dist/utils/ClientAssertionUtils.mjs +16 -16
  175. package/dist/utils/Constants.d.ts +309 -309
  176. package/dist/utils/Constants.mjs +322 -322
  177. package/dist/utils/FunctionWrappers.d.ts +27 -27
  178. package/dist/utils/FunctionWrappers.mjs +94 -94
  179. package/dist/utils/MsalTypes.d.ts +6 -6
  180. package/dist/utils/ProtocolUtils.d.ts +42 -42
  181. package/dist/utils/ProtocolUtils.mjs +69 -69
  182. package/dist/utils/StringUtils.d.ts +40 -40
  183. package/dist/utils/StringUtils.mjs +95 -95
  184. package/dist/utils/TimeUtils.d.ts +25 -25
  185. package/dist/utils/TimeUtils.mjs +43 -43
  186. package/dist/utils/UrlUtils.d.ts +10 -10
  187. package/dist/utils/UrlUtils.mjs +44 -44
  188. package/package.json +1 -1
  189. package/src/cache/entities/ServerTelemetryEntity.ts +1 -0
  190. package/src/constants/AADServerParamKeys.ts +1 -0
  191. package/src/packageMetadata.ts +1 -1
  192. package/src/telemetry/performance/PerformanceEvent.ts +12 -0
  193. package/src/telemetry/server/ServerTelemetryManager.ts +95 -1
@@ -1,43 +1,43 @@
1
- import { NetworkResponse } from "./NetworkManager";
2
- import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse";
3
- import { CacheManager } from "../cache/CacheManager";
4
- import { RequestThumbprint } from "./RequestThumbprint";
5
- import { BaseAuthRequest } from "../request/BaseAuthRequest";
6
- /** @internal */
7
- export declare class ThrottlingUtils {
8
- /**
9
- * Prepares a RequestThumbprint to be stored as a key.
10
- * @param thumbprint
11
- */
12
- static generateThrottlingStorageKey(thumbprint: RequestThumbprint): string;
13
- /**
14
- * Performs necessary throttling checks before a network request.
15
- * @param cacheManager
16
- * @param thumbprint
17
- */
18
- static preProcess(cacheManager: CacheManager, thumbprint: RequestThumbprint): void;
19
- /**
20
- * Performs necessary throttling checks after a network request.
21
- * @param cacheManager
22
- * @param thumbprint
23
- * @param response
24
- */
25
- static postProcess(cacheManager: CacheManager, thumbprint: RequestThumbprint, response: NetworkResponse<ServerAuthorizationTokenResponse>): void;
26
- /**
27
- * Checks a NetworkResponse object's status codes against 429 or 5xx
28
- * @param response
29
- */
30
- static checkResponseStatus(response: NetworkResponse<ServerAuthorizationTokenResponse>): boolean;
31
- /**
32
- * Checks a NetworkResponse object's RetryAfter header
33
- * @param response
34
- */
35
- static checkResponseForRetryAfter(response: NetworkResponse<ServerAuthorizationTokenResponse>): boolean;
36
- /**
37
- * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
38
- * @param throttleTime
39
- */
40
- static calculateThrottleTime(throttleTime: number): number;
41
- static removeThrottle(cacheManager: CacheManager, clientId: string, request: BaseAuthRequest, homeAccountIdentifier?: string): void;
42
- }
1
+ import { NetworkResponse } from "./NetworkManager";
2
+ import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse";
3
+ import { CacheManager } from "../cache/CacheManager";
4
+ import { RequestThumbprint } from "./RequestThumbprint";
5
+ import { BaseAuthRequest } from "../request/BaseAuthRequest";
6
+ /** @internal */
7
+ export declare class ThrottlingUtils {
8
+ /**
9
+ * Prepares a RequestThumbprint to be stored as a key.
10
+ * @param thumbprint
11
+ */
12
+ static generateThrottlingStorageKey(thumbprint: RequestThumbprint): string;
13
+ /**
14
+ * Performs necessary throttling checks before a network request.
15
+ * @param cacheManager
16
+ * @param thumbprint
17
+ */
18
+ static preProcess(cacheManager: CacheManager, thumbprint: RequestThumbprint): void;
19
+ /**
20
+ * Performs necessary throttling checks after a network request.
21
+ * @param cacheManager
22
+ * @param thumbprint
23
+ * @param response
24
+ */
25
+ static postProcess(cacheManager: CacheManager, thumbprint: RequestThumbprint, response: NetworkResponse<ServerAuthorizationTokenResponse>): void;
26
+ /**
27
+ * Checks a NetworkResponse object's status codes against 429 or 5xx
28
+ * @param response
29
+ */
30
+ static checkResponseStatus(response: NetworkResponse<ServerAuthorizationTokenResponse>): boolean;
31
+ /**
32
+ * Checks a NetworkResponse object's RetryAfter header
33
+ * @param response
34
+ */
35
+ static checkResponseForRetryAfter(response: NetworkResponse<ServerAuthorizationTokenResponse>): boolean;
36
+ /**
37
+ * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
38
+ * @param throttleTime
39
+ */
40
+ static calculateThrottleTime(throttleTime: number): number;
41
+ static removeThrottle(cacheManager: CacheManager, clientId: string, request: BaseAuthRequest, homeAccountIdentifier?: string): void;
42
+ }
43
43
  //# sourceMappingURL=ThrottlingUtils.d.ts.map
@@ -1,102 +1,102 @@
1
- /*! @azure/msal-common v14.13.1 2024-07-16 */
1
+ /*! @azure/msal-common v14.14.1 2024-08-13 */
2
2
  'use strict';
3
3
  import { ThrottlingConstants, Constants, HeaderNames } from '../utils/Constants.mjs';
4
4
  import { ServerError } from '../error/ServerError.mjs';
5
5
 
6
- /*
7
- * Copyright (c) Microsoft Corporation. All rights reserved.
8
- * Licensed under the MIT License.
9
- */
10
- /** @internal */
11
- class ThrottlingUtils {
12
- /**
13
- * Prepares a RequestThumbprint to be stored as a key.
14
- * @param thumbprint
15
- */
16
- static generateThrottlingStorageKey(thumbprint) {
17
- return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
18
- }
19
- /**
20
- * Performs necessary throttling checks before a network request.
21
- * @param cacheManager
22
- * @param thumbprint
23
- */
24
- static preProcess(cacheManager, thumbprint) {
25
- const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
26
- const value = cacheManager.getThrottlingCache(key);
27
- if (value) {
28
- if (value.throttleTime < Date.now()) {
29
- cacheManager.removeItem(key);
30
- return;
31
- }
32
- throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
33
- }
34
- }
35
- /**
36
- * Performs necessary throttling checks after a network request.
37
- * @param cacheManager
38
- * @param thumbprint
39
- * @param response
40
- */
41
- static postProcess(cacheManager, thumbprint, response) {
42
- if (ThrottlingUtils.checkResponseStatus(response) ||
43
- ThrottlingUtils.checkResponseForRetryAfter(response)) {
44
- const thumbprintValue = {
45
- throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
46
- error: response.body.error,
47
- errorCodes: response.body.error_codes,
48
- errorMessage: response.body.error_description,
49
- subError: response.body.suberror,
50
- };
51
- cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
52
- }
53
- }
54
- /**
55
- * Checks a NetworkResponse object's status codes against 429 or 5xx
56
- * @param response
57
- */
58
- static checkResponseStatus(response) {
59
- return (response.status === 429 ||
60
- (response.status >= 500 && response.status < 600));
61
- }
62
- /**
63
- * Checks a NetworkResponse object's RetryAfter header
64
- * @param response
65
- */
66
- static checkResponseForRetryAfter(response) {
67
- if (response.headers) {
68
- return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
69
- (response.status < 200 || response.status >= 300));
70
- }
71
- return false;
72
- }
73
- /**
74
- * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
75
- * @param throttleTime
76
- */
77
- static calculateThrottleTime(throttleTime) {
78
- const time = throttleTime <= 0 ? 0 : throttleTime;
79
- const currentSeconds = Date.now() / 1000;
80
- return Math.floor(Math.min(currentSeconds +
81
- (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
82
- ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
83
- }
84
- static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
85
- const thumbprint = {
86
- clientId: clientId,
87
- authority: request.authority,
88
- scopes: request.scopes,
89
- homeAccountIdentifier: homeAccountIdentifier,
90
- claims: request.claims,
91
- authenticationScheme: request.authenticationScheme,
92
- resourceRequestMethod: request.resourceRequestMethod,
93
- resourceRequestUri: request.resourceRequestUri,
94
- shrClaims: request.shrClaims,
95
- sshKid: request.sshKid,
96
- };
97
- const key = this.generateThrottlingStorageKey(thumbprint);
98
- cacheManager.removeItem(key);
99
- }
6
+ /*
7
+ * Copyright (c) Microsoft Corporation. All rights reserved.
8
+ * Licensed under the MIT License.
9
+ */
10
+ /** @internal */
11
+ class ThrottlingUtils {
12
+ /**
13
+ * Prepares a RequestThumbprint to be stored as a key.
14
+ * @param thumbprint
15
+ */
16
+ static generateThrottlingStorageKey(thumbprint) {
17
+ return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
18
+ }
19
+ /**
20
+ * Performs necessary throttling checks before a network request.
21
+ * @param cacheManager
22
+ * @param thumbprint
23
+ */
24
+ static preProcess(cacheManager, thumbprint) {
25
+ const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
26
+ const value = cacheManager.getThrottlingCache(key);
27
+ if (value) {
28
+ if (value.throttleTime < Date.now()) {
29
+ cacheManager.removeItem(key);
30
+ return;
31
+ }
32
+ throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
33
+ }
34
+ }
35
+ /**
36
+ * Performs necessary throttling checks after a network request.
37
+ * @param cacheManager
38
+ * @param thumbprint
39
+ * @param response
40
+ */
41
+ static postProcess(cacheManager, thumbprint, response) {
42
+ if (ThrottlingUtils.checkResponseStatus(response) ||
43
+ ThrottlingUtils.checkResponseForRetryAfter(response)) {
44
+ const thumbprintValue = {
45
+ throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
46
+ error: response.body.error,
47
+ errorCodes: response.body.error_codes,
48
+ errorMessage: response.body.error_description,
49
+ subError: response.body.suberror,
50
+ };
51
+ cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
52
+ }
53
+ }
54
+ /**
55
+ * Checks a NetworkResponse object's status codes against 429 or 5xx
56
+ * @param response
57
+ */
58
+ static checkResponseStatus(response) {
59
+ return (response.status === 429 ||
60
+ (response.status >= 500 && response.status < 600));
61
+ }
62
+ /**
63
+ * Checks a NetworkResponse object's RetryAfter header
64
+ * @param response
65
+ */
66
+ static checkResponseForRetryAfter(response) {
67
+ if (response.headers) {
68
+ return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
69
+ (response.status < 200 || response.status >= 300));
70
+ }
71
+ return false;
72
+ }
73
+ /**
74
+ * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
75
+ * @param throttleTime
76
+ */
77
+ static calculateThrottleTime(throttleTime) {
78
+ const time = throttleTime <= 0 ? 0 : throttleTime;
79
+ const currentSeconds = Date.now() / 1000;
80
+ return Math.floor(Math.min(currentSeconds +
81
+ (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
82
+ ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
83
+ }
84
+ static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
85
+ const thumbprint = {
86
+ clientId: clientId,
87
+ authority: request.authority,
88
+ scopes: request.scopes,
89
+ homeAccountIdentifier: homeAccountIdentifier,
90
+ claims: request.claims,
91
+ authenticationScheme: request.authenticationScheme,
92
+ resourceRequestMethod: request.resourceRequestMethod,
93
+ resourceRequestUri: request.resourceRequestUri,
94
+ shrClaims: request.shrClaims,
95
+ sshKid: request.sshKid,
96
+ };
97
+ const key = this.generateThrottlingStorageKey(thumbprint);
98
+ cacheManager.removeItem(key);
99
+ }
100
100
  }
101
101
 
102
102
  export { ThrottlingUtils };
@@ -1,3 +1,3 @@
1
- export declare const name = "@azure/msal-common";
2
- export declare const version = "14.13.1";
1
+ export declare const name = "@azure/msal-common";
2
+ export declare const version = "14.14.1";
3
3
  //# sourceMappingURL=packageMetadata.d.ts.map
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-common v14.13.1 2024-07-16 */
1
+ /*! @azure/msal-common v14.14.1 2024-08-13 */
2
2
  'use strict';
3
- /* eslint-disable header/header */
4
- const name = "@azure/msal-common";
5
- const version = "14.13.1";
3
+ /* eslint-disable header/header */
4
+ const name = "@azure/msal-common";
5
+ const version = "14.14.1";
6
6
 
7
7
  export { name, version };
8
8
  //# sourceMappingURL=packageMetadata.mjs.map
@@ -1,20 +1,20 @@
1
- /**
2
- * This is a helper class that parses supported HTTP response authentication headers to extract and return
3
- * header challenge values that can be used outside the basic authorization flows.
4
- */
5
- export declare class AuthenticationHeaderParser {
6
- private headers;
7
- constructor(headers: Record<string, string>);
8
- /**
9
- * This method parses the SHR nonce value out of either the Authentication-Info or WWW-Authenticate authentication headers.
10
- * @returns
11
- */
12
- getShrNonce(): string;
13
- /**
14
- * Parses an HTTP header's challenge set into a key/value map.
15
- * @param header
16
- * @returns
17
- */
18
- private parseChallenges;
19
- }
1
+ /**
2
+ * This is a helper class that parses supported HTTP response authentication headers to extract and return
3
+ * header challenge values that can be used outside the basic authorization flows.
4
+ */
5
+ export declare class AuthenticationHeaderParser {
6
+ private headers;
7
+ constructor(headers: Record<string, string>);
8
+ /**
9
+ * This method parses the SHR nonce value out of either the Authentication-Info or WWW-Authenticate authentication headers.
10
+ * @returns
11
+ */
12
+ getShrNonce(): string;
13
+ /**
14
+ * Parses an HTTP header's challenge set into a key/value map.
15
+ * @param header
16
+ * @returns
17
+ */
18
+ private parseChallenges;
19
+ }
20
20
  //# sourceMappingURL=AuthenticationHeaderParser.d.ts.map
@@ -1,63 +1,63 @@
1
- /*! @azure/msal-common v14.13.1 2024-07-16 */
1
+ /*! @azure/msal-common v14.14.1 2024-08-13 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { Constants, HeaderNames } from '../utils/Constants.mjs';
5
5
  import { invalidAuthenticationHeader, missingNonceAuthenticationHeader } from '../error/ClientConfigurationErrorCodes.mjs';
6
6
 
7
- /*
8
- * Copyright (c) Microsoft Corporation. All rights reserved.
9
- * Licensed under the MIT License.
10
- */
11
- /**
12
- * This is a helper class that parses supported HTTP response authentication headers to extract and return
13
- * header challenge values that can be used outside the basic authorization flows.
14
- */
15
- class AuthenticationHeaderParser {
16
- constructor(headers) {
17
- this.headers = headers;
18
- }
19
- /**
20
- * This method parses the SHR nonce value out of either the Authentication-Info or WWW-Authenticate authentication headers.
21
- * @returns
22
- */
23
- getShrNonce() {
24
- // Attempt to parse nonce from Authentiacation-Info
25
- const authenticationInfo = this.headers[HeaderNames.AuthenticationInfo];
26
- if (authenticationInfo) {
27
- const authenticationInfoChallenges = this.parseChallenges(authenticationInfo);
28
- if (authenticationInfoChallenges.nextnonce) {
29
- return authenticationInfoChallenges.nextnonce;
30
- }
31
- throw createClientConfigurationError(invalidAuthenticationHeader);
32
- }
33
- // Attempt to parse nonce from WWW-Authenticate
34
- const wwwAuthenticate = this.headers[HeaderNames.WWWAuthenticate];
35
- if (wwwAuthenticate) {
36
- const wwwAuthenticateChallenges = this.parseChallenges(wwwAuthenticate);
37
- if (wwwAuthenticateChallenges.nonce) {
38
- return wwwAuthenticateChallenges.nonce;
39
- }
40
- throw createClientConfigurationError(invalidAuthenticationHeader);
41
- }
42
- // If neither header is present, throw missing headers error
43
- throw createClientConfigurationError(missingNonceAuthenticationHeader);
44
- }
45
- /**
46
- * Parses an HTTP header's challenge set into a key/value map.
47
- * @param header
48
- * @returns
49
- */
50
- parseChallenges(header) {
51
- const schemeSeparator = header.indexOf(" ");
52
- const challenges = header.substr(schemeSeparator + 1).split(",");
53
- const challengeMap = {};
54
- challenges.forEach((challenge) => {
55
- const [key, value] = challenge.split("=");
56
- // Remove escaped quotation marks (', ") from challenge string to keep only the challenge value
57
- challengeMap[key] = unescape(value.replace(/['"]+/g, Constants.EMPTY_STRING));
58
- });
59
- return challengeMap;
60
- }
7
+ /*
8
+ * Copyright (c) Microsoft Corporation. All rights reserved.
9
+ * Licensed under the MIT License.
10
+ */
11
+ /**
12
+ * This is a helper class that parses supported HTTP response authentication headers to extract and return
13
+ * header challenge values that can be used outside the basic authorization flows.
14
+ */
15
+ class AuthenticationHeaderParser {
16
+ constructor(headers) {
17
+ this.headers = headers;
18
+ }
19
+ /**
20
+ * This method parses the SHR nonce value out of either the Authentication-Info or WWW-Authenticate authentication headers.
21
+ * @returns
22
+ */
23
+ getShrNonce() {
24
+ // Attempt to parse nonce from Authentiacation-Info
25
+ const authenticationInfo = this.headers[HeaderNames.AuthenticationInfo];
26
+ if (authenticationInfo) {
27
+ const authenticationInfoChallenges = this.parseChallenges(authenticationInfo);
28
+ if (authenticationInfoChallenges.nextnonce) {
29
+ return authenticationInfoChallenges.nextnonce;
30
+ }
31
+ throw createClientConfigurationError(invalidAuthenticationHeader);
32
+ }
33
+ // Attempt to parse nonce from WWW-Authenticate
34
+ const wwwAuthenticate = this.headers[HeaderNames.WWWAuthenticate];
35
+ if (wwwAuthenticate) {
36
+ const wwwAuthenticateChallenges = this.parseChallenges(wwwAuthenticate);
37
+ if (wwwAuthenticateChallenges.nonce) {
38
+ return wwwAuthenticateChallenges.nonce;
39
+ }
40
+ throw createClientConfigurationError(invalidAuthenticationHeader);
41
+ }
42
+ // If neither header is present, throw missing headers error
43
+ throw createClientConfigurationError(missingNonceAuthenticationHeader);
44
+ }
45
+ /**
46
+ * Parses an HTTP header's challenge set into a key/value map.
47
+ * @param header
48
+ * @returns
49
+ */
50
+ parseChallenges(header) {
51
+ const schemeSeparator = header.indexOf(" ");
52
+ const challenges = header.substr(schemeSeparator + 1).split(",");
53
+ const challengeMap = {};
54
+ challenges.forEach((challenge) => {
55
+ const [key, value] = challenge.split("=");
56
+ // Remove escaped quotation marks (', ") from challenge string to keep only the challenge value
57
+ challengeMap[key] = unescape(value.replace(/['"]+/g, Constants.EMPTY_STRING));
58
+ });
59
+ return challengeMap;
60
+ }
61
61
  }
62
62
 
63
63
  export { AuthenticationHeaderParser };
@@ -1,48 +1,48 @@
1
- import { AuthenticationScheme } from "../utils/Constants";
2
- import { AzureCloudOptions } from "../config/ClientConfiguration";
3
- import { StringDict } from "../utils/MsalTypes";
4
- import { StoreInCache } from "./StoreInCache";
5
- import { ShrOptions } from "../crypto/SignedHttpRequest";
6
- /**
7
- * BaseAuthRequest
8
- * - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens. Defaults to https://login.microsoftonline.com/common. If using the same authority for all request, authority should set on client application object and not request, to avoid resolving authority endpoints multiple times.
9
- * - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
10
- * - scopes - Array of scopes the application is requesting access to.
11
- * - authenticationScheme - The type of token retrieved. Defaults to "Bearer". Can also be type "pop" or "SSH".
12
- * - claims - A stringified claims request which will be added to all /authorize and /token calls
13
- * - shrClaims - A stringified claims object which will be added to a Signed HTTP Request
14
- * - shrNonce - A server-generated timestamp that has been encrypted and base64URL encoded, which will be added to a Signed HTTP Request.
15
- * - shrOptions - An object containing options for the Signed HTTP Request
16
- * - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
17
- * - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
18
- * - sshJwk - A stringified JSON Web Key representing a public key that can be signed by an SSH certificate.
19
- * - sshKid - Key ID that uniquely identifies the SSH public key mentioned above.
20
- * - azureCloudOptions - Convenience string enums for users to provide public/sovereign cloud ids
21
- * - requestedClaimsHash - SHA 256 hash string of the requested claims string, used as part of an access token cache key so tokens can be filtered by requested claims
22
- * - tokenQueryParameters - String to string map of custom query parameters added to the /token call
23
- * - storeInCache - Object containing boolean values indicating whether to store tokens in the cache or not (default is true)
24
- * - scenarioId - Scenario id to track custom user prompts
25
- * - popKid - Key ID to identify the public key for PoP token request
26
- */
27
- export type BaseAuthRequest = {
28
- authority: string;
29
- correlationId: string;
30
- scopes: Array<string>;
31
- authenticationScheme?: AuthenticationScheme;
32
- claims?: string;
33
- shrClaims?: string;
34
- shrNonce?: string;
35
- shrOptions?: ShrOptions;
36
- resourceRequestMethod?: string;
37
- resourceRequestUri?: string;
38
- sshJwk?: string;
39
- sshKid?: string;
40
- azureCloudOptions?: AzureCloudOptions;
41
- requestedClaimsHash?: string;
42
- maxAge?: number;
43
- tokenQueryParameters?: StringDict;
44
- storeInCache?: StoreInCache;
45
- scenarioId?: string;
46
- popKid?: string;
47
- };
1
+ import { AuthenticationScheme } from "../utils/Constants";
2
+ import { AzureCloudOptions } from "../config/ClientConfiguration";
3
+ import { StringDict } from "../utils/MsalTypes";
4
+ import { StoreInCache } from "./StoreInCache";
5
+ import { ShrOptions } from "../crypto/SignedHttpRequest";
6
+ /**
7
+ * BaseAuthRequest
8
+ * - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens. Defaults to https://login.microsoftonline.com/common. If using the same authority for all request, authority should set on client application object and not request, to avoid resolving authority endpoints multiple times.
9
+ * - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
10
+ * - scopes - Array of scopes the application is requesting access to.
11
+ * - authenticationScheme - The type of token retrieved. Defaults to "Bearer". Can also be type "pop" or "SSH".
12
+ * - claims - A stringified claims request which will be added to all /authorize and /token calls
13
+ * - shrClaims - A stringified claims object which will be added to a Signed HTTP Request
14
+ * - shrNonce - A server-generated timestamp that has been encrypted and base64URL encoded, which will be added to a Signed HTTP Request.
15
+ * - shrOptions - An object containing options for the Signed HTTP Request
16
+ * - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
17
+ * - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
18
+ * - sshJwk - A stringified JSON Web Key representing a public key that can be signed by an SSH certificate.
19
+ * - sshKid - Key ID that uniquely identifies the SSH public key mentioned above.
20
+ * - azureCloudOptions - Convenience string enums for users to provide public/sovereign cloud ids
21
+ * - requestedClaimsHash - SHA 256 hash string of the requested claims string, used as part of an access token cache key so tokens can be filtered by requested claims
22
+ * - tokenQueryParameters - String to string map of custom query parameters added to the /token call
23
+ * - storeInCache - Object containing boolean values indicating whether to store tokens in the cache or not (default is true)
24
+ * - scenarioId - Scenario id to track custom user prompts
25
+ * - popKid - Key ID to identify the public key for PoP token request
26
+ */
27
+ export type BaseAuthRequest = {
28
+ authority: string;
29
+ correlationId: string;
30
+ scopes: Array<string>;
31
+ authenticationScheme?: AuthenticationScheme;
32
+ claims?: string;
33
+ shrClaims?: string;
34
+ shrNonce?: string;
35
+ shrOptions?: ShrOptions;
36
+ resourceRequestMethod?: string;
37
+ resourceRequestUri?: string;
38
+ sshJwk?: string;
39
+ sshKid?: string;
40
+ azureCloudOptions?: AzureCloudOptions;
41
+ requestedClaimsHash?: string;
42
+ maxAge?: number;
43
+ tokenQueryParameters?: StringDict;
44
+ storeInCache?: StoreInCache;
45
+ scenarioId?: string;
46
+ popKid?: string;
47
+ };
48
48
  //# sourceMappingURL=BaseAuthRequest.d.ts.map
@@ -1,28 +1,28 @@
1
- import { BaseAuthRequest } from "./BaseAuthRequest";
2
- import { StringDict } from "../utils/MsalTypes";
3
- import { CcsCredential } from "../account/CcsCredential";
4
- /**
5
- * Request object passed by user to acquire a token from the server exchanging a valid authorization code (second leg of OAuth2.0 Authorization Code flow)
6
- *
7
- * - scopes - Array of scopes the application is requesting access to.
8
- * - claims - A stringified claims request which will be added to all /authorize and /token calls
9
- * - authority: - URL of the authority, the security token service (STS) from which MSAL will acquire tokens. If authority is set on client application object, this will override that value. Overriding the value will cause for authority validation to happen each time. If the same authority will be used for all request, set on the application object instead of the requests.
10
- * - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
11
- * - redirectUri - The redirect URI of your app, where the authority will redirect to after the user inputs credentials and consents. It must exactly match one of the redirect URIs you registered in the portal
12
- * - code - The authorization_code that the user acquired in the first leg of the flow.
13
- * - codeVerifier - The same code_verifier that was used to obtain the authorization_code. Required if PKCE was used in the authorization code grant request.For more information, see the PKCE RFC: https://tools.ietf.org/html/rfc7636
14
- * - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
15
- * - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
16
- * - enableSpaAuthCode - Enables the acqusition of a spa authorization code (confidential clients only)
17
- * - tokenQueryParameters - String to string map of custom query parameters added to the /token call
18
- */
19
- export type CommonAuthorizationCodeRequest = BaseAuthRequest & {
20
- code: string;
21
- redirectUri: string;
22
- codeVerifier?: string;
23
- tokenBodyParameters?: StringDict;
24
- enableSpaAuthorizationCode?: boolean;
25
- clientInfo?: string;
26
- ccsCredential?: CcsCredential;
27
- };
1
+ import { BaseAuthRequest } from "./BaseAuthRequest";
2
+ import { StringDict } from "../utils/MsalTypes";
3
+ import { CcsCredential } from "../account/CcsCredential";
4
+ /**
5
+ * Request object passed by user to acquire a token from the server exchanging a valid authorization code (second leg of OAuth2.0 Authorization Code flow)
6
+ *
7
+ * - scopes - Array of scopes the application is requesting access to.
8
+ * - claims - A stringified claims request which will be added to all /authorize and /token calls
9
+ * - authority: - URL of the authority, the security token service (STS) from which MSAL will acquire tokens. If authority is set on client application object, this will override that value. Overriding the value will cause for authority validation to happen each time. If the same authority will be used for all request, set on the application object instead of the requests.
10
+ * - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
11
+ * - redirectUri - The redirect URI of your app, where the authority will redirect to after the user inputs credentials and consents. It must exactly match one of the redirect URIs you registered in the portal
12
+ * - code - The authorization_code that the user acquired in the first leg of the flow.
13
+ * - codeVerifier - The same code_verifier that was used to obtain the authorization_code. Required if PKCE was used in the authorization code grant request.For more information, see the PKCE RFC: https://tools.ietf.org/html/rfc7636
14
+ * - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
15
+ * - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
16
+ * - enableSpaAuthCode - Enables the acqusition of a spa authorization code (confidential clients only)
17
+ * - tokenQueryParameters - String to string map of custom query parameters added to the /token call
18
+ */
19
+ export type CommonAuthorizationCodeRequest = BaseAuthRequest & {
20
+ code: string;
21
+ redirectUri: string;
22
+ codeVerifier?: string;
23
+ tokenBodyParameters?: StringDict;
24
+ enableSpaAuthorizationCode?: boolean;
25
+ clientInfo?: string;
26
+ ccsCredential?: CcsCredential;
27
+ };
28
28
  //# sourceMappingURL=CommonAuthorizationCodeRequest.d.ts.map