@azure/msal-common 14.13.1 → 14.14.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (193) hide show
  1. package/dist/account/AccountInfo.d.ts +66 -66
  2. package/dist/account/AccountInfo.mjs +77 -77
  3. package/dist/account/AuthToken.d.ts +17 -17
  4. package/dist/account/AuthToken.mjs +58 -58
  5. package/dist/account/CcsCredential.d.ts +9 -9
  6. package/dist/account/CcsCredential.mjs +8 -8
  7. package/dist/account/ClientCredentials.d.ts +19 -19
  8. package/dist/account/ClientInfo.d.ts +18 -18
  9. package/dist/account/ClientInfo.mjs +37 -37
  10. package/dist/account/TokenClaims.d.ts +83 -83
  11. package/dist/account/TokenClaims.mjs +20 -20
  12. package/dist/authority/Authority.d.ts +254 -254
  13. package/dist/authority/Authority.mjs +836 -836
  14. package/dist/authority/AuthorityFactory.d.ts +18 -18
  15. package/dist/authority/AuthorityFactory.mjs +28 -28
  16. package/dist/authority/AuthorityMetadata.d.ts +43 -43
  17. package/dist/authority/AuthorityMetadata.mjs +137 -137
  18. package/dist/authority/AuthorityOptions.d.ts +27 -27
  19. package/dist/authority/AuthorityOptions.mjs +18 -18
  20. package/dist/authority/AuthorityType.d.ts +10 -10
  21. package/dist/authority/AuthorityType.mjs +13 -13
  22. package/dist/authority/AzureRegion.d.ts +1 -1
  23. package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
  24. package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
  25. package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
  26. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
  27. package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
  28. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
  29. package/dist/authority/ImdsOptions.d.ts +5 -5
  30. package/dist/authority/OIDCOptions.d.ts +8 -8
  31. package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
  32. package/dist/authority/OpenIdConfigResponse.mjs +10 -10
  33. package/dist/authority/ProtocolMode.d.ts +8 -8
  34. package/dist/authority/ProtocolMode.mjs +11 -11
  35. package/dist/authority/RegionDiscovery.d.ts +32 -32
  36. package/dist/authority/RegionDiscovery.mjs +106 -106
  37. package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
  38. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
  39. package/dist/cache/CacheManager.d.ts +497 -497
  40. package/dist/cache/CacheManager.mjs +1249 -1249
  41. package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
  42. package/dist/cache/entities/AccountEntity.d.ts +106 -106
  43. package/dist/cache/entities/AccountEntity.mjs +240 -240
  44. package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
  45. package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
  46. package/dist/cache/entities/CacheRecord.d.ts +13 -13
  47. package/dist/cache/entities/CredentialEntity.d.ts +30 -30
  48. package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
  49. package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
  50. package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -5
  51. package/dist/cache/entities/ServerTelemetryEntity.d.ts.map +1 -1
  52. package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
  53. package/dist/cache/interface/ICacheManager.d.ts +166 -166
  54. package/dist/cache/interface/ICachePlugin.d.ts +5 -5
  55. package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
  56. package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
  57. package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
  58. package/dist/cache/utils/CacheHelpers.d.ts +94 -94
  59. package/dist/cache/utils/CacheHelpers.mjs +324 -324
  60. package/dist/cache/utils/CacheTypes.d.ts +69 -69
  61. package/dist/client/AuthorizationCodeClient.d.ts +74 -74
  62. package/dist/client/AuthorizationCodeClient.mjs +420 -420
  63. package/dist/client/BaseClient.d.ts +51 -51
  64. package/dist/client/BaseClient.mjs +100 -100
  65. package/dist/client/RefreshTokenClient.d.ts +35 -35
  66. package/dist/client/RefreshTokenClient.mjs +211 -211
  67. package/dist/client/SilentFlowClient.d.ts +27 -27
  68. package/dist/client/SilentFlowClient.mjs +133 -133
  69. package/dist/config/AppTokenProvider.d.ts +38 -38
  70. package/dist/config/ClientConfiguration.d.ts +150 -150
  71. package/dist/config/ClientConfiguration.mjs +95 -95
  72. package/dist/constants/AADServerParamKeys.d.ts +53 -52
  73. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  74. package/dist/constants/AADServerParamKeys.mjs +59 -58
  75. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  76. package/dist/crypto/ICrypto.d.ts +68 -68
  77. package/dist/crypto/ICrypto.mjs +36 -36
  78. package/dist/crypto/IGuidGenerator.d.ts +4 -4
  79. package/dist/crypto/JoseHeader.d.ts +22 -22
  80. package/dist/crypto/JoseHeader.mjs +37 -37
  81. package/dist/crypto/PopTokenGenerator.d.ts +59 -59
  82. package/dist/crypto/PopTokenGenerator.mjs +81 -81
  83. package/dist/crypto/SignedHttpRequest.d.ts +15 -15
  84. package/dist/error/AuthError.d.ts +44 -44
  85. package/dist/error/AuthError.mjs +46 -46
  86. package/dist/error/AuthErrorCodes.d.ts +5 -5
  87. package/dist/error/AuthErrorCodes.mjs +9 -9
  88. package/dist/error/CacheError.d.ts +20 -20
  89. package/dist/error/CacheError.mjs +24 -24
  90. package/dist/error/CacheErrorCodes.d.ts +2 -2
  91. package/dist/error/CacheErrorCodes.mjs +6 -6
  92. package/dist/error/ClientAuthError.d.ts +237 -237
  93. package/dist/error/ClientAuthError.mjs +249 -249
  94. package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
  95. package/dist/error/ClientAuthErrorCodes.mjs +48 -48
  96. package/dist/error/ClientConfigurationError.d.ts +128 -128
  97. package/dist/error/ClientConfigurationError.mjs +135 -135
  98. package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
  99. package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
  100. package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
  101. package/dist/error/InteractionRequiredAuthError.mjs +85 -85
  102. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
  103. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
  104. package/dist/error/JoseHeaderError.d.ts +15 -15
  105. package/dist/error/JoseHeaderError.mjs +22 -22
  106. package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
  107. package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
  108. package/dist/error/ServerError.d.ts +15 -15
  109. package/dist/error/ServerError.mjs +16 -16
  110. package/dist/index.cjs +8664 -8599
  111. package/dist/index.cjs.map +1 -1
  112. package/dist/index.d.ts +107 -107
  113. package/dist/index.mjs +1 -1
  114. package/dist/logger/Logger.d.ts +95 -95
  115. package/dist/logger/Logger.mjs +188 -188
  116. package/dist/network/INetworkModule.d.ts +29 -29
  117. package/dist/network/INetworkModule.mjs +12 -12
  118. package/dist/network/NetworkManager.d.ts +33 -33
  119. package/dist/network/NetworkManager.mjs +34 -34
  120. package/dist/network/RequestThumbprint.d.ts +18 -18
  121. package/dist/network/ThrottlingUtils.d.ts +42 -42
  122. package/dist/network/ThrottlingUtils.mjs +95 -95
  123. package/dist/packageMetadata.d.ts +2 -2
  124. package/dist/packageMetadata.mjs +4 -4
  125. package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
  126. package/dist/request/AuthenticationHeaderParser.mjs +55 -55
  127. package/dist/request/BaseAuthRequest.d.ts +47 -47
  128. package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
  129. package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
  130. package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
  131. package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
  132. package/dist/request/CommonEndSessionRequest.d.ts +21 -21
  133. package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
  134. package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
  135. package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
  136. package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
  137. package/dist/request/NativeRequest.d.ts +19 -19
  138. package/dist/request/NativeSignOutRequest.d.ts +5 -5
  139. package/dist/request/RequestParameterBuilder.d.ts +217 -217
  140. package/dist/request/RequestParameterBuilder.mjs +382 -382
  141. package/dist/request/RequestValidator.d.ts +27 -27
  142. package/dist/request/RequestValidator.mjs +64 -64
  143. package/dist/request/ScopeSet.d.ts +88 -88
  144. package/dist/request/ScopeSet.mjs +197 -197
  145. package/dist/request/StoreInCache.d.ts +8 -8
  146. package/dist/response/AuthenticationResult.d.ts +41 -41
  147. package/dist/response/AuthorizationCodePayload.d.ts +13 -13
  148. package/dist/response/DeviceCodeResponse.d.ts +25 -25
  149. package/dist/response/ExternalTokenResponse.d.ts +15 -15
  150. package/dist/response/IMDSBadResponse.d.ts +4 -4
  151. package/dist/response/ResponseHandler.d.ts +69 -69
  152. package/dist/response/ResponseHandler.mjs +374 -374
  153. package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
  154. package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
  155. package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
  156. package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
  157. package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
  158. package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
  159. package/dist/telemetry/performance/PerformanceEvent.d.ts +515 -505
  160. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  161. package/dist/telemetry/performance/PerformanceEvent.mjs +484 -480
  162. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  163. package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
  164. package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
  165. package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -66
  166. package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  167. package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -201
  168. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  169. package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
  170. package/dist/url/IUri.d.ts +12 -12
  171. package/dist/url/UrlString.d.ts +48 -48
  172. package/dist/url/UrlString.mjs +161 -161
  173. package/dist/utils/ClientAssertionUtils.d.ts +2 -2
  174. package/dist/utils/ClientAssertionUtils.mjs +16 -16
  175. package/dist/utils/Constants.d.ts +309 -309
  176. package/dist/utils/Constants.mjs +322 -322
  177. package/dist/utils/FunctionWrappers.d.ts +27 -27
  178. package/dist/utils/FunctionWrappers.mjs +94 -94
  179. package/dist/utils/MsalTypes.d.ts +6 -6
  180. package/dist/utils/ProtocolUtils.d.ts +42 -42
  181. package/dist/utils/ProtocolUtils.mjs +69 -69
  182. package/dist/utils/StringUtils.d.ts +40 -40
  183. package/dist/utils/StringUtils.mjs +95 -95
  184. package/dist/utils/TimeUtils.d.ts +25 -25
  185. package/dist/utils/TimeUtils.mjs +43 -43
  186. package/dist/utils/UrlUtils.d.ts +10 -10
  187. package/dist/utils/UrlUtils.mjs +44 -44
  188. package/package.json +1 -1
  189. package/src/cache/entities/ServerTelemetryEntity.ts +1 -0
  190. package/src/constants/AADServerParamKeys.ts +1 -0
  191. package/src/packageMetadata.ts +1 -1
  192. package/src/telemetry/performance/PerformanceEvent.ts +12 -0
  193. package/src/telemetry/server/ServerTelemetryManager.ts +95 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v14.13.1 2024-07-16 */
1
+ /*! @azure/msal-common v14.14.1 2024-08-13 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { StringUtils } from '../utils/StringUtils.mjs';
@@ -7,202 +7,202 @@ import { Constants, OIDC_SCOPES } from '../utils/Constants.mjs';
7
7
  import { emptyInputScopesError } from '../error/ClientConfigurationErrorCodes.mjs';
8
8
  import { cannotAppendScopeSet, cannotRemoveEmptyScope, emptyInputScopeSet } from '../error/ClientAuthErrorCodes.mjs';
9
9
 
10
- /*
11
- * Copyright (c) Microsoft Corporation. All rights reserved.
12
- * Licensed under the MIT License.
13
- */
14
- /**
15
- * The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes
16
- * the most sense to implement for this class. All scopes are trimmed and converted to lower case strings in intersection and union functions
17
- * to ensure uniqueness of strings.
18
- */
19
- class ScopeSet {
20
- constructor(inputScopes) {
21
- // Filter empty string and null/undefined array items
22
- const scopeArr = inputScopes
23
- ? StringUtils.trimArrayEntries([...inputScopes])
24
- : [];
25
- const filteredInput = scopeArr
26
- ? StringUtils.removeEmptyStringsFromArray(scopeArr)
27
- : [];
28
- // Validate and filter scopes (validate function throws if validation fails)
29
- this.validateInputScopes(filteredInput);
30
- this.scopes = new Set(); // Iterator in constructor not supported by IE11
31
- filteredInput.forEach((scope) => this.scopes.add(scope));
32
- }
33
- /**
34
- * Factory method to create ScopeSet from space-delimited string
35
- * @param inputScopeString
36
- * @param appClientId
37
- * @param scopesRequired
38
- */
39
- static fromString(inputScopeString) {
40
- const scopeString = inputScopeString || Constants.EMPTY_STRING;
41
- const inputScopes = scopeString.split(" ");
42
- return new ScopeSet(inputScopes);
43
- }
44
- /**
45
- * Creates the set of scopes to search for in cache lookups
46
- * @param inputScopeString
47
- * @returns
48
- */
49
- static createSearchScopes(inputScopeString) {
50
- const scopeSet = new ScopeSet(inputScopeString);
51
- if (!scopeSet.containsOnlyOIDCScopes()) {
52
- scopeSet.removeOIDCScopes();
53
- }
54
- else {
55
- scopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);
56
- }
57
- return scopeSet;
58
- }
59
- /**
60
- * Used to validate the scopes input parameter requested by the developer.
61
- * @param {Array<string>} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.
62
- * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not
63
- */
64
- validateInputScopes(inputScopes) {
65
- // Check if scopes are required but not given or is an empty array
66
- if (!inputScopes || inputScopes.length < 1) {
67
- throw createClientConfigurationError(emptyInputScopesError);
68
- }
69
- }
70
- /**
71
- * Check if a given scope is present in this set of scopes.
72
- * @param scope
73
- */
74
- containsScope(scope) {
75
- const lowerCaseScopes = this.printScopesLowerCase().split(" ");
76
- const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);
77
- // compare lowercase scopes
78
- return scope
79
- ? lowerCaseScopesSet.scopes.has(scope.toLowerCase())
80
- : false;
81
- }
82
- /**
83
- * Check if a set of scopes is present in this set of scopes.
84
- * @param scopeSet
85
- */
86
- containsScopeSet(scopeSet) {
87
- if (!scopeSet || scopeSet.scopes.size <= 0) {
88
- return false;
89
- }
90
- return (this.scopes.size >= scopeSet.scopes.size &&
91
- scopeSet.asArray().every((scope) => this.containsScope(scope)));
92
- }
93
- /**
94
- * Check if set of scopes contains only the defaults
95
- */
96
- containsOnlyOIDCScopes() {
97
- let defaultScopeCount = 0;
98
- OIDC_SCOPES.forEach((defaultScope) => {
99
- if (this.containsScope(defaultScope)) {
100
- defaultScopeCount += 1;
101
- }
102
- });
103
- return this.scopes.size === defaultScopeCount;
104
- }
105
- /**
106
- * Appends single scope if passed
107
- * @param newScope
108
- */
109
- appendScope(newScope) {
110
- if (newScope) {
111
- this.scopes.add(newScope.trim());
112
- }
113
- }
114
- /**
115
- * Appends multiple scopes if passed
116
- * @param newScopes
117
- */
118
- appendScopes(newScopes) {
119
- try {
120
- newScopes.forEach((newScope) => this.appendScope(newScope));
121
- }
122
- catch (e) {
123
- throw createClientAuthError(cannotAppendScopeSet);
124
- }
125
- }
126
- /**
127
- * Removes element from set of scopes.
128
- * @param scope
129
- */
130
- removeScope(scope) {
131
- if (!scope) {
132
- throw createClientAuthError(cannotRemoveEmptyScope);
133
- }
134
- this.scopes.delete(scope.trim());
135
- }
136
- /**
137
- * Removes default scopes from set of scopes
138
- * Primarily used to prevent cache misses if the default scopes are not returned from the server
139
- */
140
- removeOIDCScopes() {
141
- OIDC_SCOPES.forEach((defaultScope) => {
142
- this.scopes.delete(defaultScope);
143
- });
144
- }
145
- /**
146
- * Combines an array of scopes with the current set of scopes.
147
- * @param otherScopes
148
- */
149
- unionScopeSets(otherScopes) {
150
- if (!otherScopes) {
151
- throw createClientAuthError(emptyInputScopeSet);
152
- }
153
- const unionScopes = new Set(); // Iterator in constructor not supported in IE11
154
- otherScopes.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
155
- this.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
156
- return unionScopes;
157
- }
158
- /**
159
- * Check if scopes intersect between this set and another.
160
- * @param otherScopes
161
- */
162
- intersectingScopeSets(otherScopes) {
163
- if (!otherScopes) {
164
- throw createClientAuthError(emptyInputScopeSet);
165
- }
166
- // Do not allow OIDC scopes to be the only intersecting scopes
167
- if (!otherScopes.containsOnlyOIDCScopes()) {
168
- otherScopes.removeOIDCScopes();
169
- }
170
- const unionScopes = this.unionScopeSets(otherScopes);
171
- const sizeOtherScopes = otherScopes.getScopeCount();
172
- const sizeThisScopes = this.getScopeCount();
173
- const sizeUnionScopes = unionScopes.size;
174
- return sizeUnionScopes < sizeThisScopes + sizeOtherScopes;
175
- }
176
- /**
177
- * Returns size of set of scopes.
178
- */
179
- getScopeCount() {
180
- return this.scopes.size;
181
- }
182
- /**
183
- * Returns the scopes as an array of string values
184
- */
185
- asArray() {
186
- const array = [];
187
- this.scopes.forEach((val) => array.push(val));
188
- return array;
189
- }
190
- /**
191
- * Prints scopes into a space-delimited string
192
- */
193
- printScopes() {
194
- if (this.scopes) {
195
- const scopeArr = this.asArray();
196
- return scopeArr.join(" ");
197
- }
198
- return Constants.EMPTY_STRING;
199
- }
200
- /**
201
- * Prints scopes into a space-delimited lower-case string (used for caching)
202
- */
203
- printScopesLowerCase() {
204
- return this.printScopes().toLowerCase();
205
- }
10
+ /*
11
+ * Copyright (c) Microsoft Corporation. All rights reserved.
12
+ * Licensed under the MIT License.
13
+ */
14
+ /**
15
+ * The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes
16
+ * the most sense to implement for this class. All scopes are trimmed and converted to lower case strings in intersection and union functions
17
+ * to ensure uniqueness of strings.
18
+ */
19
+ class ScopeSet {
20
+ constructor(inputScopes) {
21
+ // Filter empty string and null/undefined array items
22
+ const scopeArr = inputScopes
23
+ ? StringUtils.trimArrayEntries([...inputScopes])
24
+ : [];
25
+ const filteredInput = scopeArr
26
+ ? StringUtils.removeEmptyStringsFromArray(scopeArr)
27
+ : [];
28
+ // Validate and filter scopes (validate function throws if validation fails)
29
+ this.validateInputScopes(filteredInput);
30
+ this.scopes = new Set(); // Iterator in constructor not supported by IE11
31
+ filteredInput.forEach((scope) => this.scopes.add(scope));
32
+ }
33
+ /**
34
+ * Factory method to create ScopeSet from space-delimited string
35
+ * @param inputScopeString
36
+ * @param appClientId
37
+ * @param scopesRequired
38
+ */
39
+ static fromString(inputScopeString) {
40
+ const scopeString = inputScopeString || Constants.EMPTY_STRING;
41
+ const inputScopes = scopeString.split(" ");
42
+ return new ScopeSet(inputScopes);
43
+ }
44
+ /**
45
+ * Creates the set of scopes to search for in cache lookups
46
+ * @param inputScopeString
47
+ * @returns
48
+ */
49
+ static createSearchScopes(inputScopeString) {
50
+ const scopeSet = new ScopeSet(inputScopeString);
51
+ if (!scopeSet.containsOnlyOIDCScopes()) {
52
+ scopeSet.removeOIDCScopes();
53
+ }
54
+ else {
55
+ scopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);
56
+ }
57
+ return scopeSet;
58
+ }
59
+ /**
60
+ * Used to validate the scopes input parameter requested by the developer.
61
+ * @param {Array<string>} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.
62
+ * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not
63
+ */
64
+ validateInputScopes(inputScopes) {
65
+ // Check if scopes are required but not given or is an empty array
66
+ if (!inputScopes || inputScopes.length < 1) {
67
+ throw createClientConfigurationError(emptyInputScopesError);
68
+ }
69
+ }
70
+ /**
71
+ * Check if a given scope is present in this set of scopes.
72
+ * @param scope
73
+ */
74
+ containsScope(scope) {
75
+ const lowerCaseScopes = this.printScopesLowerCase().split(" ");
76
+ const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);
77
+ // compare lowercase scopes
78
+ return scope
79
+ ? lowerCaseScopesSet.scopes.has(scope.toLowerCase())
80
+ : false;
81
+ }
82
+ /**
83
+ * Check if a set of scopes is present in this set of scopes.
84
+ * @param scopeSet
85
+ */
86
+ containsScopeSet(scopeSet) {
87
+ if (!scopeSet || scopeSet.scopes.size <= 0) {
88
+ return false;
89
+ }
90
+ return (this.scopes.size >= scopeSet.scopes.size &&
91
+ scopeSet.asArray().every((scope) => this.containsScope(scope)));
92
+ }
93
+ /**
94
+ * Check if set of scopes contains only the defaults
95
+ */
96
+ containsOnlyOIDCScopes() {
97
+ let defaultScopeCount = 0;
98
+ OIDC_SCOPES.forEach((defaultScope) => {
99
+ if (this.containsScope(defaultScope)) {
100
+ defaultScopeCount += 1;
101
+ }
102
+ });
103
+ return this.scopes.size === defaultScopeCount;
104
+ }
105
+ /**
106
+ * Appends single scope if passed
107
+ * @param newScope
108
+ */
109
+ appendScope(newScope) {
110
+ if (newScope) {
111
+ this.scopes.add(newScope.trim());
112
+ }
113
+ }
114
+ /**
115
+ * Appends multiple scopes if passed
116
+ * @param newScopes
117
+ */
118
+ appendScopes(newScopes) {
119
+ try {
120
+ newScopes.forEach((newScope) => this.appendScope(newScope));
121
+ }
122
+ catch (e) {
123
+ throw createClientAuthError(cannotAppendScopeSet);
124
+ }
125
+ }
126
+ /**
127
+ * Removes element from set of scopes.
128
+ * @param scope
129
+ */
130
+ removeScope(scope) {
131
+ if (!scope) {
132
+ throw createClientAuthError(cannotRemoveEmptyScope);
133
+ }
134
+ this.scopes.delete(scope.trim());
135
+ }
136
+ /**
137
+ * Removes default scopes from set of scopes
138
+ * Primarily used to prevent cache misses if the default scopes are not returned from the server
139
+ */
140
+ removeOIDCScopes() {
141
+ OIDC_SCOPES.forEach((defaultScope) => {
142
+ this.scopes.delete(defaultScope);
143
+ });
144
+ }
145
+ /**
146
+ * Combines an array of scopes with the current set of scopes.
147
+ * @param otherScopes
148
+ */
149
+ unionScopeSets(otherScopes) {
150
+ if (!otherScopes) {
151
+ throw createClientAuthError(emptyInputScopeSet);
152
+ }
153
+ const unionScopes = new Set(); // Iterator in constructor not supported in IE11
154
+ otherScopes.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
155
+ this.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
156
+ return unionScopes;
157
+ }
158
+ /**
159
+ * Check if scopes intersect between this set and another.
160
+ * @param otherScopes
161
+ */
162
+ intersectingScopeSets(otherScopes) {
163
+ if (!otherScopes) {
164
+ throw createClientAuthError(emptyInputScopeSet);
165
+ }
166
+ // Do not allow OIDC scopes to be the only intersecting scopes
167
+ if (!otherScopes.containsOnlyOIDCScopes()) {
168
+ otherScopes.removeOIDCScopes();
169
+ }
170
+ const unionScopes = this.unionScopeSets(otherScopes);
171
+ const sizeOtherScopes = otherScopes.getScopeCount();
172
+ const sizeThisScopes = this.getScopeCount();
173
+ const sizeUnionScopes = unionScopes.size;
174
+ return sizeUnionScopes < sizeThisScopes + sizeOtherScopes;
175
+ }
176
+ /**
177
+ * Returns size of set of scopes.
178
+ */
179
+ getScopeCount() {
180
+ return this.scopes.size;
181
+ }
182
+ /**
183
+ * Returns the scopes as an array of string values
184
+ */
185
+ asArray() {
186
+ const array = [];
187
+ this.scopes.forEach((val) => array.push(val));
188
+ return array;
189
+ }
190
+ /**
191
+ * Prints scopes into a space-delimited string
192
+ */
193
+ printScopes() {
194
+ if (this.scopes) {
195
+ const scopeArr = this.asArray();
196
+ return scopeArr.join(" ");
197
+ }
198
+ return Constants.EMPTY_STRING;
199
+ }
200
+ /**
201
+ * Prints scopes into a space-delimited lower-case string (used for caching)
202
+ */
203
+ printScopesLowerCase() {
204
+ return this.printScopes().toLowerCase();
205
+ }
206
206
  }
207
207
 
208
208
  export { ScopeSet };
@@ -1,9 +1,9 @@
1
- /**
2
- * Controls whether tokens should be stored in the cache or not. If set to false, tokens may still be acquired and returned but will not be cached for later retrieval.
3
- */
4
- export type StoreInCache = {
5
- accessToken?: boolean;
6
- idToken?: boolean;
7
- refreshToken?: boolean;
8
- };
1
+ /**
2
+ * Controls whether tokens should be stored in the cache or not. If set to false, tokens may still be acquired and returned but will not be cached for later retrieval.
3
+ */
4
+ export type StoreInCache = {
5
+ accessToken?: boolean;
6
+ idToken?: boolean;
7
+ refreshToken?: boolean;
8
+ };
9
9
  //# sourceMappingURL=StoreInCache.d.ts.map
@@ -1,42 +1,42 @@
1
- import { AccountInfo } from "../account/AccountInfo";
2
- /**
3
- * Result returned from the authority's token endpoint.
4
- * - uniqueId - `oid` or `sub` claim from ID token
5
- * - tenantId - `tid` claim from ID token
6
- * - scopes - Scopes that are validated for the respective token
7
- * - account - An account object representation of the currently signed-in user
8
- * - idToken - Id token received as part of the response
9
- * - idTokenClaims - MSAL-relevant ID token claims
10
- * - accessToken - Access token or SSH certificate received as part of the response
11
- * - fromCache - Boolean denoting whether token came from cache
12
- * - expiresOn - Javascript Date object representing relative expiration of access token
13
- * - extExpiresOn - Javascript Date object representing extended relative expiration of access token in case of server outage
14
- * - refreshOn - Javascript Date object representing relative time until an access token must be refreshed
15
- * - state - Value passed in by user in request
16
- * - familyId - Family ID identifier, usually only used for refresh tokens
17
- * - requestId - Request ID returned as part of the response
18
- */
19
- export type AuthenticationResult = {
20
- authority: string;
21
- uniqueId: string;
22
- tenantId: string;
23
- scopes: Array<string>;
24
- account: AccountInfo | null;
25
- idToken: string;
26
- idTokenClaims: object;
27
- accessToken: string;
28
- fromCache: boolean;
29
- expiresOn: Date | null;
30
- extExpiresOn?: Date;
31
- refreshOn?: Date;
32
- tokenType: string;
33
- correlationId: string;
34
- requestId?: string;
35
- state?: string;
36
- familyId?: string;
37
- cloudGraphHostName?: string;
38
- msGraphHost?: string;
39
- code?: string;
40
- fromNativeBroker?: boolean;
41
- };
1
+ import { AccountInfo } from "../account/AccountInfo";
2
+ /**
3
+ * Result returned from the authority's token endpoint.
4
+ * - uniqueId - `oid` or `sub` claim from ID token
5
+ * - tenantId - `tid` claim from ID token
6
+ * - scopes - Scopes that are validated for the respective token
7
+ * - account - An account object representation of the currently signed-in user
8
+ * - idToken - Id token received as part of the response
9
+ * - idTokenClaims - MSAL-relevant ID token claims
10
+ * - accessToken - Access token or SSH certificate received as part of the response
11
+ * - fromCache - Boolean denoting whether token came from cache
12
+ * - expiresOn - Javascript Date object representing relative expiration of access token
13
+ * - extExpiresOn - Javascript Date object representing extended relative expiration of access token in case of server outage
14
+ * - refreshOn - Javascript Date object representing relative time until an access token must be refreshed
15
+ * - state - Value passed in by user in request
16
+ * - familyId - Family ID identifier, usually only used for refresh tokens
17
+ * - requestId - Request ID returned as part of the response
18
+ */
19
+ export type AuthenticationResult = {
20
+ authority: string;
21
+ uniqueId: string;
22
+ tenantId: string;
23
+ scopes: Array<string>;
24
+ account: AccountInfo | null;
25
+ idToken: string;
26
+ idTokenClaims: object;
27
+ accessToken: string;
28
+ fromCache: boolean;
29
+ expiresOn: Date | null;
30
+ extExpiresOn?: Date;
31
+ refreshOn?: Date;
32
+ tokenType: string;
33
+ correlationId: string;
34
+ requestId?: string;
35
+ state?: string;
36
+ familyId?: string;
37
+ cloudGraphHostName?: string;
38
+ msGraphHost?: string;
39
+ code?: string;
40
+ fromNativeBroker?: boolean;
41
+ };
42
42
  //# sourceMappingURL=AuthenticationResult.d.ts.map
@@ -1,14 +1,14 @@
1
- /**
2
- * Response returned after processing the code response query string or fragment.
3
- */
4
- export type AuthorizationCodePayload = {
5
- code: string;
6
- cloud_instance_name?: string;
7
- cloud_instance_host_name?: string;
8
- cloud_graph_host_name?: string;
9
- msgraph_host?: string;
10
- state?: string;
11
- nonce?: string;
12
- client_info?: string;
13
- };
1
+ /**
2
+ * Response returned after processing the code response query string or fragment.
3
+ */
4
+ export type AuthorizationCodePayload = {
5
+ code: string;
6
+ cloud_instance_name?: string;
7
+ cloud_instance_host_name?: string;
8
+ cloud_graph_host_name?: string;
9
+ msgraph_host?: string;
10
+ state?: string;
11
+ nonce?: string;
12
+ client_info?: string;
13
+ };
14
14
  //# sourceMappingURL=AuthorizationCodePayload.d.ts.map
@@ -1,26 +1,26 @@
1
- /**
2
- * DeviceCode returned by the security token service device code endpoint containing information necessary for device code flow.
3
- * - userCode: code which user needs to provide when authenticating at the verification URI
4
- * - deviceCode: code which should be included in the request for the access token
5
- * - verificationUri: URI where user can authenticate
6
- * - expiresIn: expiration time of the device code in seconds
7
- * - interval: interval at which the STS should be polled at
8
- * - message: message which should be displayed to the user
9
- */
10
- export type DeviceCodeResponse = {
11
- userCode: string;
12
- deviceCode: string;
13
- verificationUri: string;
14
- expiresIn: number;
15
- interval: number;
16
- message: string;
17
- };
18
- export type ServerDeviceCodeResponse = {
19
- user_code: string;
20
- device_code: string;
21
- verification_uri: string;
22
- expires_in: number;
23
- interval: number;
24
- message: string;
25
- };
1
+ /**
2
+ * DeviceCode returned by the security token service device code endpoint containing information necessary for device code flow.
3
+ * - userCode: code which user needs to provide when authenticating at the verification URI
4
+ * - deviceCode: code which should be included in the request for the access token
5
+ * - verificationUri: URI where user can authenticate
6
+ * - expiresIn: expiration time of the device code in seconds
7
+ * - interval: interval at which the STS should be polled at
8
+ * - message: message which should be displayed to the user
9
+ */
10
+ export type DeviceCodeResponse = {
11
+ userCode: string;
12
+ deviceCode: string;
13
+ verificationUri: string;
14
+ expiresIn: number;
15
+ interval: number;
16
+ message: string;
17
+ };
18
+ export type ServerDeviceCodeResponse = {
19
+ user_code: string;
20
+ device_code: string;
21
+ verification_uri: string;
22
+ expires_in: number;
23
+ interval: number;
24
+ message: string;
25
+ };
26
26
  //# sourceMappingURL=DeviceCodeResponse.d.ts.map
@@ -1,16 +1,16 @@
1
- import { ServerAuthorizationTokenResponse } from "./ServerAuthorizationTokenResponse";
2
- /**
3
- * Response object used for loading external tokens to cache.
4
- * - token_type: Indicates the token type value. The only type that Azure AD supports is Bearer.
5
- * - scope: The scopes that the access_token is valid for.
6
- * - expires_in: How long the access token is valid (in seconds).
7
- * - id_token: A JSON Web Token (JWT). The app can decode the segments of this token to request information about the user who signed in.
8
- * - refresh_token: An OAuth 2.0 refresh token. The app can use this token acquire additional access tokens after the current access token expires.
9
- * - access_token: The requested access token. The app can use this token to authenticate to the secured resource, such as a web API.
10
- * - client_info: Client info object
11
- */
12
- export type ExternalTokenResponse = Pick<ServerAuthorizationTokenResponse, "token_type" | "scope" | "expires_in" | "ext_expires_in" | "id_token" | "refresh_token" | "refresh_token_expires_in" | "foci"> & {
13
- access_token?: string;
14
- client_info?: string;
15
- };
1
+ import { ServerAuthorizationTokenResponse } from "./ServerAuthorizationTokenResponse";
2
+ /**
3
+ * Response object used for loading external tokens to cache.
4
+ * - token_type: Indicates the token type value. The only type that Azure AD supports is Bearer.
5
+ * - scope: The scopes that the access_token is valid for.
6
+ * - expires_in: How long the access token is valid (in seconds).
7
+ * - id_token: A JSON Web Token (JWT). The app can decode the segments of this token to request information about the user who signed in.
8
+ * - refresh_token: An OAuth 2.0 refresh token. The app can use this token acquire additional access tokens after the current access token expires.
9
+ * - access_token: The requested access token. The app can use this token to authenticate to the secured resource, such as a web API.
10
+ * - client_info: Client info object
11
+ */
12
+ export type ExternalTokenResponse = Pick<ServerAuthorizationTokenResponse, "token_type" | "scope" | "expires_in" | "ext_expires_in" | "id_token" | "refresh_token" | "refresh_token_expires_in" | "foci"> & {
13
+ access_token?: string;
14
+ client_info?: string;
15
+ };
16
16
  //# sourceMappingURL=ExternalTokenResponse.d.ts.map
@@ -1,5 +1,5 @@
1
- export type IMDSBadResponse = {
2
- error: string;
3
- "newest-versions": Array<string>;
4
- };
1
+ export type IMDSBadResponse = {
2
+ error: string;
3
+ "newest-versions": Array<string>;
4
+ };
5
5
  //# sourceMappingURL=IMDSBadResponse.d.ts.map