@azure/msal-common 14.13.1 → 14.14.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +66 -66
- package/dist/account/AccountInfo.mjs +77 -77
- package/dist/account/AuthToken.d.ts +17 -17
- package/dist/account/AuthToken.mjs +58 -58
- package/dist/account/CcsCredential.d.ts +9 -9
- package/dist/account/CcsCredential.mjs +8 -8
- package/dist/account/ClientCredentials.d.ts +19 -19
- package/dist/account/ClientInfo.d.ts +18 -18
- package/dist/account/ClientInfo.mjs +37 -37
- package/dist/account/TokenClaims.d.ts +83 -83
- package/dist/account/TokenClaims.mjs +20 -20
- package/dist/authority/Authority.d.ts +254 -254
- package/dist/authority/Authority.mjs +836 -836
- package/dist/authority/AuthorityFactory.d.ts +18 -18
- package/dist/authority/AuthorityFactory.mjs +28 -28
- package/dist/authority/AuthorityMetadata.d.ts +43 -43
- package/dist/authority/AuthorityMetadata.mjs +137 -137
- package/dist/authority/AuthorityOptions.d.ts +27 -27
- package/dist/authority/AuthorityOptions.mjs +18 -18
- package/dist/authority/AuthorityType.d.ts +10 -10
- package/dist/authority/AuthorityType.mjs +13 -13
- package/dist/authority/AzureRegion.d.ts +1 -1
- package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
- package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
- package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
- package/dist/authority/ImdsOptions.d.ts +5 -5
- package/dist/authority/OIDCOptions.d.ts +8 -8
- package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
- package/dist/authority/OpenIdConfigResponse.mjs +10 -10
- package/dist/authority/ProtocolMode.d.ts +8 -8
- package/dist/authority/ProtocolMode.mjs +11 -11
- package/dist/authority/RegionDiscovery.d.ts +32 -32
- package/dist/authority/RegionDiscovery.mjs +106 -106
- package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
- package/dist/cache/CacheManager.d.ts +497 -497
- package/dist/cache/CacheManager.mjs +1249 -1249
- package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
- package/dist/cache/entities/AccountEntity.d.ts +106 -106
- package/dist/cache/entities/AccountEntity.mjs +240 -240
- package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
- package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
- package/dist/cache/entities/CacheRecord.d.ts +13 -13
- package/dist/cache/entities/CredentialEntity.d.ts +30 -30
- package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
- package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
- package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -5
- package/dist/cache/entities/ServerTelemetryEntity.d.ts.map +1 -1
- package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
- package/dist/cache/interface/ICacheManager.d.ts +166 -166
- package/dist/cache/interface/ICachePlugin.d.ts +5 -5
- package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
- package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
- package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
- package/dist/cache/utils/CacheHelpers.d.ts +94 -94
- package/dist/cache/utils/CacheHelpers.mjs +324 -324
- package/dist/cache/utils/CacheTypes.d.ts +69 -69
- package/dist/client/AuthorizationCodeClient.d.ts +74 -74
- package/dist/client/AuthorizationCodeClient.mjs +420 -420
- package/dist/client/BaseClient.d.ts +51 -51
- package/dist/client/BaseClient.mjs +100 -100
- package/dist/client/RefreshTokenClient.d.ts +35 -35
- package/dist/client/RefreshTokenClient.mjs +211 -211
- package/dist/client/SilentFlowClient.d.ts +27 -27
- package/dist/client/SilentFlowClient.mjs +133 -133
- package/dist/config/AppTokenProvider.d.ts +38 -38
- package/dist/config/ClientConfiguration.d.ts +150 -150
- package/dist/config/ClientConfiguration.mjs +95 -95
- package/dist/constants/AADServerParamKeys.d.ts +53 -52
- package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +59 -58
- package/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/crypto/ICrypto.d.ts +68 -68
- package/dist/crypto/ICrypto.mjs +36 -36
- package/dist/crypto/IGuidGenerator.d.ts +4 -4
- package/dist/crypto/JoseHeader.d.ts +22 -22
- package/dist/crypto/JoseHeader.mjs +37 -37
- package/dist/crypto/PopTokenGenerator.d.ts +59 -59
- package/dist/crypto/PopTokenGenerator.mjs +81 -81
- package/dist/crypto/SignedHttpRequest.d.ts +15 -15
- package/dist/error/AuthError.d.ts +44 -44
- package/dist/error/AuthError.mjs +46 -46
- package/dist/error/AuthErrorCodes.d.ts +5 -5
- package/dist/error/AuthErrorCodes.mjs +9 -9
- package/dist/error/CacheError.d.ts +20 -20
- package/dist/error/CacheError.mjs +24 -24
- package/dist/error/CacheErrorCodes.d.ts +2 -2
- package/dist/error/CacheErrorCodes.mjs +6 -6
- package/dist/error/ClientAuthError.d.ts +237 -237
- package/dist/error/ClientAuthError.mjs +249 -249
- package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
- package/dist/error/ClientAuthErrorCodes.mjs +48 -48
- package/dist/error/ClientConfigurationError.d.ts +128 -128
- package/dist/error/ClientConfigurationError.mjs +135 -135
- package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
- package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
- package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
- package/dist/error/InteractionRequiredAuthError.mjs +85 -85
- package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
- package/dist/error/JoseHeaderError.d.ts +15 -15
- package/dist/error/JoseHeaderError.mjs +22 -22
- package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
- package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
- package/dist/error/ServerError.d.ts +15 -15
- package/dist/error/ServerError.mjs +16 -16
- package/dist/index.cjs +8664 -8599
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +107 -107
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.d.ts +95 -95
- package/dist/logger/Logger.mjs +188 -188
- package/dist/network/INetworkModule.d.ts +29 -29
- package/dist/network/INetworkModule.mjs +12 -12
- package/dist/network/NetworkManager.d.ts +33 -33
- package/dist/network/NetworkManager.mjs +34 -34
- package/dist/network/RequestThumbprint.d.ts +18 -18
- package/dist/network/ThrottlingUtils.d.ts +42 -42
- package/dist/network/ThrottlingUtils.mjs +95 -95
- package/dist/packageMetadata.d.ts +2 -2
- package/dist/packageMetadata.mjs +4 -4
- package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
- package/dist/request/AuthenticationHeaderParser.mjs +55 -55
- package/dist/request/BaseAuthRequest.d.ts +47 -47
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
- package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
- package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
- package/dist/request/CommonEndSessionRequest.d.ts +21 -21
- package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
- package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
- package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
- package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
- package/dist/request/NativeRequest.d.ts +19 -19
- package/dist/request/NativeSignOutRequest.d.ts +5 -5
- package/dist/request/RequestParameterBuilder.d.ts +217 -217
- package/dist/request/RequestParameterBuilder.mjs +382 -382
- package/dist/request/RequestValidator.d.ts +27 -27
- package/dist/request/RequestValidator.mjs +64 -64
- package/dist/request/ScopeSet.d.ts +88 -88
- package/dist/request/ScopeSet.mjs +197 -197
- package/dist/request/StoreInCache.d.ts +8 -8
- package/dist/response/AuthenticationResult.d.ts +41 -41
- package/dist/response/AuthorizationCodePayload.d.ts +13 -13
- package/dist/response/DeviceCodeResponse.d.ts +25 -25
- package/dist/response/ExternalTokenResponse.d.ts +15 -15
- package/dist/response/IMDSBadResponse.d.ts +4 -4
- package/dist/response/ResponseHandler.d.ts +69 -69
- package/dist/response/ResponseHandler.mjs +374 -374
- package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
- package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
- package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
- package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
- package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
- package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
- package/dist/telemetry/performance/PerformanceEvent.d.ts +515 -505
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +484 -480
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
- package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -66
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -201
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
- package/dist/url/IUri.d.ts +12 -12
- package/dist/url/UrlString.d.ts +48 -48
- package/dist/url/UrlString.mjs +161 -161
- package/dist/utils/ClientAssertionUtils.d.ts +2 -2
- package/dist/utils/ClientAssertionUtils.mjs +16 -16
- package/dist/utils/Constants.d.ts +309 -309
- package/dist/utils/Constants.mjs +322 -322
- package/dist/utils/FunctionWrappers.d.ts +27 -27
- package/dist/utils/FunctionWrappers.mjs +94 -94
- package/dist/utils/MsalTypes.d.ts +6 -6
- package/dist/utils/ProtocolUtils.d.ts +42 -42
- package/dist/utils/ProtocolUtils.mjs +69 -69
- package/dist/utils/StringUtils.d.ts +40 -40
- package/dist/utils/StringUtils.mjs +95 -95
- package/dist/utils/TimeUtils.d.ts +25 -25
- package/dist/utils/TimeUtils.mjs +43 -43
- package/dist/utils/UrlUtils.d.ts +10 -10
- package/dist/utils/UrlUtils.mjs +44 -44
- package/package.json +1 -1
- package/src/cache/entities/ServerTelemetryEntity.ts +1 -0
- package/src/constants/AADServerParamKeys.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/performance/PerformanceEvent.ts +12 -0
- package/src/telemetry/server/ServerTelemetryManager.ts +95 -1
|
@@ -1,51 +1,51 @@
|
|
|
1
|
-
import { ResponseMode } from "../utils/Constants";
|
|
2
|
-
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
4
|
-
import { AccountInfo } from "../account/AccountInfo";
|
|
5
|
-
/**
|
|
6
|
-
* Request object passed by user to retrieve a Code from the server (first leg of authorization code grant flow)
|
|
7
|
-
*
|
|
8
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
9
|
-
* - claims - A stringified claims request which will be added to all /authorize and /token calls
|
|
10
|
-
* - authority - Url of the authority which the application acquires tokens from.
|
|
11
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
12
|
-
* - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
|
|
13
|
-
* - extraScopesToConsent - Scopes for a different resource when the user needs consent upfront.
|
|
14
|
-
* - responseMode - Specifies the method that should be used to send the authentication result to your app. Can be query, form_post, or fragment. If no value is passed in, it defaults to query.
|
|
15
|
-
* - codeChallenge - Used to secure authorization code grant via Proof of Key for Code Exchange (PKCE). For more information, see the PKCE RCF:https://tools.ietf.org/html/rfc7636
|
|
16
|
-
* - codeChallengeMethod - The method used to encode the code verifier for the code challenge parameter. Can be "plain" or "S256". If excluded, code challenge is assumed to be plaintext. For more information, see the PKCE RCF: https://tools.ietf.org/html/rfc7636
|
|
17
|
-
* - state - A value included in the request that is also returned in the token response. A randomly generated unique value is typically used for preventing cross site request forgery attacks. The state is also used to encode information about the user's state in the app before the authentication request occurred.
|
|
18
|
-
* - prompt - Indicates the type of user interaction that is required.
|
|
19
|
-
* login: will force the user to enter their credentials on that request, negating single-sign on
|
|
20
|
-
* none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error
|
|
21
|
-
* consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app
|
|
22
|
-
* select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account
|
|
23
|
-
* create: will direct the user to the account creation experience instead of the log in experience
|
|
24
|
-
* no_session: will not read existing session token when authenticating the user. Upon user being successfully authenticated, EVO won’t create a new session for the user. FOR INTERNAL USE ONLY.
|
|
25
|
-
* - account - AccountInfo obtained from a getAccount API. Will be used in certain scenarios to generate login_hint if both loginHint and sid params are not provided.
|
|
26
|
-
* - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
|
|
27
|
-
* - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens.
|
|
28
|
-
* - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
|
|
29
|
-
* - extraQueryParameters - String to string map of custom query parameters added to the /authorize call
|
|
30
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
31
|
-
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
|
|
32
|
-
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
33
|
-
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
34
|
-
*/
|
|
35
|
-
export type CommonAuthorizationUrlRequest = BaseAuthRequest & {
|
|
36
|
-
redirectUri: string;
|
|
37
|
-
responseMode: ResponseMode;
|
|
38
|
-
account?: AccountInfo;
|
|
39
|
-
codeChallenge?: string;
|
|
40
|
-
codeChallengeMethod?: string;
|
|
41
|
-
domainHint?: string;
|
|
42
|
-
extraQueryParameters?: StringDict;
|
|
43
|
-
extraScopesToConsent?: Array<string>;
|
|
44
|
-
loginHint?: string;
|
|
45
|
-
nonce?: string;
|
|
46
|
-
prompt?: string;
|
|
47
|
-
sid?: string;
|
|
48
|
-
state?: string;
|
|
49
|
-
nativeBroker?: boolean;
|
|
50
|
-
};
|
|
1
|
+
import { ResponseMode } from "../utils/Constants";
|
|
2
|
+
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
4
|
+
import { AccountInfo } from "../account/AccountInfo";
|
|
5
|
+
/**
|
|
6
|
+
* Request object passed by user to retrieve a Code from the server (first leg of authorization code grant flow)
|
|
7
|
+
*
|
|
8
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
9
|
+
* - claims - A stringified claims request which will be added to all /authorize and /token calls
|
|
10
|
+
* - authority - Url of the authority which the application acquires tokens from.
|
|
11
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
12
|
+
* - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
|
|
13
|
+
* - extraScopesToConsent - Scopes for a different resource when the user needs consent upfront.
|
|
14
|
+
* - responseMode - Specifies the method that should be used to send the authentication result to your app. Can be query, form_post, or fragment. If no value is passed in, it defaults to query.
|
|
15
|
+
* - codeChallenge - Used to secure authorization code grant via Proof of Key for Code Exchange (PKCE). For more information, see the PKCE RCF:https://tools.ietf.org/html/rfc7636
|
|
16
|
+
* - codeChallengeMethod - The method used to encode the code verifier for the code challenge parameter. Can be "plain" or "S256". If excluded, code challenge is assumed to be plaintext. For more information, see the PKCE RCF: https://tools.ietf.org/html/rfc7636
|
|
17
|
+
* - state - A value included in the request that is also returned in the token response. A randomly generated unique value is typically used for preventing cross site request forgery attacks. The state is also used to encode information about the user's state in the app before the authentication request occurred.
|
|
18
|
+
* - prompt - Indicates the type of user interaction that is required.
|
|
19
|
+
* login: will force the user to enter their credentials on that request, negating single-sign on
|
|
20
|
+
* none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error
|
|
21
|
+
* consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app
|
|
22
|
+
* select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account
|
|
23
|
+
* create: will direct the user to the account creation experience instead of the log in experience
|
|
24
|
+
* no_session: will not read existing session token when authenticating the user. Upon user being successfully authenticated, EVO won’t create a new session for the user. FOR INTERNAL USE ONLY.
|
|
25
|
+
* - account - AccountInfo obtained from a getAccount API. Will be used in certain scenarios to generate login_hint if both loginHint and sid params are not provided.
|
|
26
|
+
* - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
|
|
27
|
+
* - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens.
|
|
28
|
+
* - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
|
|
29
|
+
* - extraQueryParameters - String to string map of custom query parameters added to the /authorize call
|
|
30
|
+
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
31
|
+
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
|
|
32
|
+
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
33
|
+
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
34
|
+
*/
|
|
35
|
+
export type CommonAuthorizationUrlRequest = BaseAuthRequest & {
|
|
36
|
+
redirectUri: string;
|
|
37
|
+
responseMode: ResponseMode;
|
|
38
|
+
account?: AccountInfo;
|
|
39
|
+
codeChallenge?: string;
|
|
40
|
+
codeChallengeMethod?: string;
|
|
41
|
+
domainHint?: string;
|
|
42
|
+
extraQueryParameters?: StringDict;
|
|
43
|
+
extraScopesToConsent?: Array<string>;
|
|
44
|
+
loginHint?: string;
|
|
45
|
+
nonce?: string;
|
|
46
|
+
prompt?: string;
|
|
47
|
+
sid?: string;
|
|
48
|
+
state?: string;
|
|
49
|
+
nativeBroker?: boolean;
|
|
50
|
+
};
|
|
51
51
|
//# sourceMappingURL=CommonAuthorizationUrlRequest.d.ts.map
|
|
@@ -1,18 +1,18 @@
|
|
|
1
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
-
import { AzureRegion } from "../authority/AzureRegion";
|
|
3
|
-
import { ClientAssertion } from "../account/ClientCredentials";
|
|
4
|
-
/**
|
|
5
|
-
* CommonClientCredentialRequest
|
|
6
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
-
* - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
|
|
8
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
9
|
-
* - skipCache - Skip token cache lookup and force request to authority to get a a new token. Defaults to false.
|
|
10
|
-
* - preferredAzureRegionOptions - Options of the user's preferred azure region
|
|
11
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
12
|
-
*/
|
|
13
|
-
export type CommonClientCredentialRequest = BaseAuthRequest & {
|
|
14
|
-
skipCache?: boolean;
|
|
15
|
-
azureRegion?: AzureRegion;
|
|
16
|
-
clientAssertion?: ClientAssertion;
|
|
17
|
-
};
|
|
1
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
+
import { AzureRegion } from "../authority/AzureRegion";
|
|
3
|
+
import { ClientAssertion } from "../account/ClientCredentials";
|
|
4
|
+
/**
|
|
5
|
+
* CommonClientCredentialRequest
|
|
6
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
+
* - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
|
|
8
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
9
|
+
* - skipCache - Skip token cache lookup and force request to authority to get a a new token. Defaults to false.
|
|
10
|
+
* - preferredAzureRegionOptions - Options of the user's preferred azure region
|
|
11
|
+
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
12
|
+
*/
|
|
13
|
+
export type CommonClientCredentialRequest = BaseAuthRequest & {
|
|
14
|
+
skipCache?: boolean;
|
|
15
|
+
azureRegion?: AzureRegion;
|
|
16
|
+
clientAssertion?: ClientAssertion;
|
|
17
|
+
};
|
|
18
18
|
//# sourceMappingURL=CommonClientCredentialRequest.d.ts.map
|
|
@@ -1,22 +1,22 @@
|
|
|
1
|
-
import { DeviceCodeResponse } from "../response/DeviceCodeResponse";
|
|
2
|
-
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
4
|
-
/**
|
|
5
|
-
* Parameters for Oauth2 device code flow.
|
|
6
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
-
* - authority: - URL of the authority, the security token service (STS) from which MSAL will acquire tokens. If authority is set on client application object, this will override that value. Overriding the value will cause for authority validation to happen each time. If the same authority will be used for all request, set on the application object instead of the requests.
|
|
8
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
9
|
-
* - deviceCodeCallback - Callback containing device code response. Message should be shown to end user. End user can then navigate to the verification_uri, input the user_code, and input credentials.
|
|
10
|
-
* - cancel - Boolean to cancel polling of device code endpoint. While the user authenticates on a separate device, MSAL polls the the token endpoint of security token service for the interval specified in the device code response (usually 15 minutes). To stop polling and cancel the request, set cancel=true.
|
|
11
|
-
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
12
|
-
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
13
|
-
* - timeout - Timeout period in seconds which the user explicitly configures for the polling of the device code endpoint. At the end of this period; assuming the device code has not expired yet; the device code polling is stopped and the request cancelled. The device code expiration window will always take precedence over this set period.
|
|
14
|
-
* - extraQueryParameters - String to string map of custom query parameters added to the query string
|
|
15
|
-
*/
|
|
16
|
-
export type CommonDeviceCodeRequest = Omit<BaseAuthRequest, "tokenQueryParameters"> & {
|
|
17
|
-
deviceCodeCallback: (response: DeviceCodeResponse) => void;
|
|
18
|
-
cancel?: boolean;
|
|
19
|
-
timeout?: number;
|
|
20
|
-
extraQueryParameters?: StringDict;
|
|
21
|
-
};
|
|
1
|
+
import { DeviceCodeResponse } from "../response/DeviceCodeResponse";
|
|
2
|
+
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
4
|
+
/**
|
|
5
|
+
* Parameters for Oauth2 device code flow.
|
|
6
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
+
* - authority: - URL of the authority, the security token service (STS) from which MSAL will acquire tokens. If authority is set on client application object, this will override that value. Overriding the value will cause for authority validation to happen each time. If the same authority will be used for all request, set on the application object instead of the requests.
|
|
8
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
9
|
+
* - deviceCodeCallback - Callback containing device code response. Message should be shown to end user. End user can then navigate to the verification_uri, input the user_code, and input credentials.
|
|
10
|
+
* - cancel - Boolean to cancel polling of device code endpoint. While the user authenticates on a separate device, MSAL polls the the token endpoint of security token service for the interval specified in the device code response (usually 15 minutes). To stop polling and cancel the request, set cancel=true.
|
|
11
|
+
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
12
|
+
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
13
|
+
* - timeout - Timeout period in seconds which the user explicitly configures for the polling of the device code endpoint. At the end of this period; assuming the device code has not expired yet; the device code polling is stopped and the request cancelled. The device code expiration window will always take precedence over this set period.
|
|
14
|
+
* - extraQueryParameters - String to string map of custom query parameters added to the query string
|
|
15
|
+
*/
|
|
16
|
+
export type CommonDeviceCodeRequest = Omit<BaseAuthRequest, "tokenQueryParameters"> & {
|
|
17
|
+
deviceCodeCallback: (response: DeviceCodeResponse) => void;
|
|
18
|
+
cancel?: boolean;
|
|
19
|
+
timeout?: number;
|
|
20
|
+
extraQueryParameters?: StringDict;
|
|
21
|
+
};
|
|
22
22
|
//# sourceMappingURL=CommonDeviceCodeRequest.d.ts.map
|
|
@@ -1,22 +1,22 @@
|
|
|
1
|
-
import { AccountInfo } from "../account/AccountInfo";
|
|
2
|
-
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
-
/**
|
|
4
|
-
* CommonEndSessionRequest
|
|
5
|
-
* - account - Account object that will be logged out of. All tokens tied to this account will be cleared.
|
|
6
|
-
* - postLogoutRedirectUri - URI to navigate to after logout page.
|
|
7
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
8
|
-
* - idTokenHint - ID Token used by B2C to validate logout if required by the policy
|
|
9
|
-
* - state - A value included in the request to the logout endpoint which will be returned in the query string upon post logout redirection
|
|
10
|
-
* - logoutHint - A string that specifies the account that is being logged out in order to skip the server account picker on logout
|
|
11
|
-
* - extraQueryParameters - String to string map of custom query parameters added to the /authorize call
|
|
12
|
-
*/
|
|
13
|
-
export type CommonEndSessionRequest = {
|
|
14
|
-
correlationId: string;
|
|
15
|
-
account?: AccountInfo | null;
|
|
16
|
-
postLogoutRedirectUri?: string | null;
|
|
17
|
-
idTokenHint?: string;
|
|
18
|
-
state?: string;
|
|
19
|
-
logoutHint?: string;
|
|
20
|
-
extraQueryParameters?: StringDict;
|
|
21
|
-
};
|
|
1
|
+
import { AccountInfo } from "../account/AccountInfo";
|
|
2
|
+
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
+
/**
|
|
4
|
+
* CommonEndSessionRequest
|
|
5
|
+
* - account - Account object that will be logged out of. All tokens tied to this account will be cleared.
|
|
6
|
+
* - postLogoutRedirectUri - URI to navigate to after logout page.
|
|
7
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
8
|
+
* - idTokenHint - ID Token used by B2C to validate logout if required by the policy
|
|
9
|
+
* - state - A value included in the request to the logout endpoint which will be returned in the query string upon post logout redirection
|
|
10
|
+
* - logoutHint - A string that specifies the account that is being logged out in order to skip the server account picker on logout
|
|
11
|
+
* - extraQueryParameters - String to string map of custom query parameters added to the /authorize call
|
|
12
|
+
*/
|
|
13
|
+
export type CommonEndSessionRequest = {
|
|
14
|
+
correlationId: string;
|
|
15
|
+
account?: AccountInfo | null;
|
|
16
|
+
postLogoutRedirectUri?: string | null;
|
|
17
|
+
idTokenHint?: string;
|
|
18
|
+
state?: string;
|
|
19
|
+
logoutHint?: string;
|
|
20
|
+
extraQueryParameters?: StringDict;
|
|
21
|
+
};
|
|
22
22
|
//# sourceMappingURL=CommonEndSessionRequest.d.ts.map
|
|
@@ -1,14 +1,14 @@
|
|
|
1
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
-
/**
|
|
3
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
4
|
-
* - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
|
|
5
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
6
|
-
* - oboAssertion - The access token that was sent to the middle-tier API. This token must have an audience of the app making this OBO request.
|
|
7
|
-
* - skipCache - Skip token cache lookup and force request to authority to get a a new token. Defaults to false.
|
|
8
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
9
|
-
*/
|
|
10
|
-
export type CommonOnBehalfOfRequest = BaseAuthRequest & {
|
|
11
|
-
oboAssertion: string;
|
|
12
|
-
skipCache?: boolean;
|
|
13
|
-
};
|
|
1
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
+
/**
|
|
3
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
4
|
+
* - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
|
|
5
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
6
|
+
* - oboAssertion - The access token that was sent to the middle-tier API. This token must have an audience of the app making this OBO request.
|
|
7
|
+
* - skipCache - Skip token cache lookup and force request to authority to get a a new token. Defaults to false.
|
|
8
|
+
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
9
|
+
*/
|
|
10
|
+
export type CommonOnBehalfOfRequest = BaseAuthRequest & {
|
|
11
|
+
oboAssertion: string;
|
|
12
|
+
skipCache?: boolean;
|
|
13
|
+
};
|
|
14
14
|
//# sourceMappingURL=CommonOnBehalfOfRequest.d.ts.map
|
|
@@ -1,23 +1,23 @@
|
|
|
1
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
-
import { CcsCredential } from "../account/CcsCredential";
|
|
3
|
-
import { StringDict } from "../utils/MsalTypes";
|
|
4
|
-
/**
|
|
5
|
-
* CommonRefreshTokenRequest
|
|
6
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
-
* - claims - A stringified claims request which will be added to all /authorize and /token calls
|
|
8
|
-
* - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
|
|
9
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
10
|
-
* - refreshToken - A refresh token returned from a previous request to the Identity provider.
|
|
11
|
-
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
12
|
-
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
13
|
-
* - forceCache - Force MSAL to cache a refresh token flow response when there is no account in the cache. Used for migration scenarios.
|
|
14
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
15
|
-
*/
|
|
16
|
-
export type CommonRefreshTokenRequest = BaseAuthRequest & {
|
|
17
|
-
refreshToken: string;
|
|
18
|
-
ccsCredential?: CcsCredential;
|
|
19
|
-
forceCache?: boolean;
|
|
20
|
-
tokenBodyParameters?: StringDict;
|
|
21
|
-
redirectUri?: string;
|
|
22
|
-
};
|
|
1
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
+
import { CcsCredential } from "../account/CcsCredential";
|
|
3
|
+
import { StringDict } from "../utils/MsalTypes";
|
|
4
|
+
/**
|
|
5
|
+
* CommonRefreshTokenRequest
|
|
6
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
+
* - claims - A stringified claims request which will be added to all /authorize and /token calls
|
|
8
|
+
* - authority - URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
|
|
9
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
10
|
+
* - refreshToken - A refresh token returned from a previous request to the Identity provider.
|
|
11
|
+
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
12
|
+
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
13
|
+
* - forceCache - Force MSAL to cache a refresh token flow response when there is no account in the cache. Used for migration scenarios.
|
|
14
|
+
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
15
|
+
*/
|
|
16
|
+
export type CommonRefreshTokenRequest = BaseAuthRequest & {
|
|
17
|
+
refreshToken: string;
|
|
18
|
+
ccsCredential?: CcsCredential;
|
|
19
|
+
forceCache?: boolean;
|
|
20
|
+
tokenBodyParameters?: StringDict;
|
|
21
|
+
redirectUri?: string;
|
|
22
|
+
};
|
|
23
23
|
//# sourceMappingURL=CommonRefreshTokenRequest.d.ts.map
|
|
@@ -1,28 +1,28 @@
|
|
|
1
|
-
import { AccountInfo } from "../account/AccountInfo";
|
|
2
|
-
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
4
|
-
/**
|
|
5
|
-
* SilentFlow parameters passed by the user to retrieve credentials silently
|
|
6
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
-
* - claims - A stringified claims request which will be added to all /authorize and /token calls. When included on a silent request, cache lookup will be skipped and token will be refreshed.
|
|
8
|
-
* - authority - Url of the authority which the application acquires tokens from.
|
|
9
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
10
|
-
* - account - Account entity to lookup the credentials.
|
|
11
|
-
* - forceRefresh - Forces silent requests to make network calls if true.
|
|
12
|
-
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
13
|
-
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
14
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
15
|
-
*/
|
|
16
|
-
export type CommonSilentFlowRequest = BaseAuthRequest & {
|
|
17
|
-
/** Account object to lookup the credentials */
|
|
18
|
-
account: AccountInfo;
|
|
19
|
-
/** Skip cache lookup and forces network call(s) to get fresh tokens */
|
|
20
|
-
forceRefresh: boolean;
|
|
21
|
-
/** RedirectUri registered on the app registration - only required in brokering scenarios */
|
|
22
|
-
redirectUri?: string;
|
|
23
|
-
/** Key value pairs to include on the POST body to the /token endpoint */
|
|
24
|
-
tokenBodyParameters?: StringDict;
|
|
25
|
-
/** If refresh token will expire within the configured value, consider it already expired. Used to pre-emptively invoke interaction when cached refresh token is close to expiry. */
|
|
26
|
-
refreshTokenExpirationOffsetSeconds?: number;
|
|
27
|
-
};
|
|
1
|
+
import { AccountInfo } from "../account/AccountInfo";
|
|
2
|
+
import { StringDict } from "../utils/MsalTypes";
|
|
3
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
4
|
+
/**
|
|
5
|
+
* SilentFlow parameters passed by the user to retrieve credentials silently
|
|
6
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
+
* - claims - A stringified claims request which will be added to all /authorize and /token calls. When included on a silent request, cache lookup will be skipped and token will be refreshed.
|
|
8
|
+
* - authority - Url of the authority which the application acquires tokens from.
|
|
9
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
10
|
+
* - account - Account entity to lookup the credentials.
|
|
11
|
+
* - forceRefresh - Forces silent requests to make network calls if true.
|
|
12
|
+
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
13
|
+
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
14
|
+
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
15
|
+
*/
|
|
16
|
+
export type CommonSilentFlowRequest = BaseAuthRequest & {
|
|
17
|
+
/** Account object to lookup the credentials */
|
|
18
|
+
account: AccountInfo;
|
|
19
|
+
/** Skip cache lookup and forces network call(s) to get fresh tokens */
|
|
20
|
+
forceRefresh: boolean;
|
|
21
|
+
/** RedirectUri registered on the app registration - only required in brokering scenarios */
|
|
22
|
+
redirectUri?: string;
|
|
23
|
+
/** Key value pairs to include on the POST body to the /token endpoint */
|
|
24
|
+
tokenBodyParameters?: StringDict;
|
|
25
|
+
/** If refresh token will expire within the configured value, consider it already expired. Used to pre-emptively invoke interaction when cached refresh token is close to expiry. */
|
|
26
|
+
refreshTokenExpirationOffsetSeconds?: number;
|
|
27
|
+
};
|
|
28
28
|
//# sourceMappingURL=CommonSilentFlowRequest.d.ts.map
|
|
@@ -1,18 +1,18 @@
|
|
|
1
|
-
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
-
/**
|
|
3
|
-
* CommonUsernamePassword parameters passed by the user to retrieve credentials
|
|
4
|
-
* Note: The latest OAuth 2.0 Security Best Current Practice disallows the password grant entirely. This flow is added for internal testing.
|
|
5
|
-
*
|
|
6
|
-
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
-
* - claims - A stringified claims request which will be added to all /authorize and /token calls. When included on a silent request, cache lookup will be skipped and token will be refreshed.
|
|
8
|
-
* - authority - Url of the authority which the application acquires tokens from.
|
|
9
|
-
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
10
|
-
* - username - username of the client
|
|
11
|
-
* - password - credentials
|
|
12
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
13
|
-
*/
|
|
14
|
-
export type CommonUsernamePasswordRequest = BaseAuthRequest & {
|
|
15
|
-
username: string;
|
|
16
|
-
password: string;
|
|
17
|
-
};
|
|
1
|
+
import { BaseAuthRequest } from "./BaseAuthRequest";
|
|
2
|
+
/**
|
|
3
|
+
* CommonUsernamePassword parameters passed by the user to retrieve credentials
|
|
4
|
+
* Note: The latest OAuth 2.0 Security Best Current Practice disallows the password grant entirely. This flow is added for internal testing.
|
|
5
|
+
*
|
|
6
|
+
* - scopes - Array of scopes the application is requesting access to.
|
|
7
|
+
* - claims - A stringified claims request which will be added to all /authorize and /token calls. When included on a silent request, cache lookup will be skipped and token will be refreshed.
|
|
8
|
+
* - authority - Url of the authority which the application acquires tokens from.
|
|
9
|
+
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
10
|
+
* - username - username of the client
|
|
11
|
+
* - password - credentials
|
|
12
|
+
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
13
|
+
*/
|
|
14
|
+
export type CommonUsernamePasswordRequest = BaseAuthRequest & {
|
|
15
|
+
username: string;
|
|
16
|
+
password: string;
|
|
17
|
+
};
|
|
18
18
|
//# sourceMappingURL=CommonUsernamePasswordRequest.d.ts.map
|
|
@@ -1,20 +1,20 @@
|
|
|
1
|
-
import { StringDict } from "../utils/MsalTypes";
|
|
2
|
-
export type NativeRequest = {
|
|
3
|
-
clientId: string;
|
|
4
|
-
authority: string;
|
|
5
|
-
correlationId: string;
|
|
6
|
-
redirectUri: string;
|
|
7
|
-
scopes: Array<string>;
|
|
8
|
-
claims?: string;
|
|
9
|
-
authenticationScheme?: string;
|
|
10
|
-
resourceRequestMethod?: string;
|
|
11
|
-
resourceRequestUri?: string;
|
|
12
|
-
shrNonce?: string;
|
|
13
|
-
accountId?: string;
|
|
14
|
-
forceRefresh?: boolean;
|
|
15
|
-
extraParameters?: StringDict;
|
|
16
|
-
extraScopesToConsent?: Array<string>;
|
|
17
|
-
loginHint?: string;
|
|
18
|
-
prompt?: string;
|
|
19
|
-
};
|
|
1
|
+
import { StringDict } from "../utils/MsalTypes";
|
|
2
|
+
export type NativeRequest = {
|
|
3
|
+
clientId: string;
|
|
4
|
+
authority: string;
|
|
5
|
+
correlationId: string;
|
|
6
|
+
redirectUri: string;
|
|
7
|
+
scopes: Array<string>;
|
|
8
|
+
claims?: string;
|
|
9
|
+
authenticationScheme?: string;
|
|
10
|
+
resourceRequestMethod?: string;
|
|
11
|
+
resourceRequestUri?: string;
|
|
12
|
+
shrNonce?: string;
|
|
13
|
+
accountId?: string;
|
|
14
|
+
forceRefresh?: boolean;
|
|
15
|
+
extraParameters?: StringDict;
|
|
16
|
+
extraScopesToConsent?: Array<string>;
|
|
17
|
+
loginHint?: string;
|
|
18
|
+
prompt?: string;
|
|
19
|
+
};
|
|
20
20
|
//# sourceMappingURL=NativeRequest.d.ts.map
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
export type NativeSignOutRequest = {
|
|
2
|
-
clientId: string;
|
|
3
|
-
accountId: string;
|
|
4
|
-
correlationId: string;
|
|
5
|
-
};
|
|
1
|
+
export type NativeSignOutRequest = {
|
|
2
|
+
clientId: string;
|
|
3
|
+
accountId: string;
|
|
4
|
+
correlationId: string;
|
|
5
|
+
};
|
|
6
6
|
//# sourceMappingURL=NativeSignOutRequest.d.ts.map
|