@azure/msal-common 14.13.1 → 14.14.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (193) hide show
  1. package/dist/account/AccountInfo.d.ts +66 -66
  2. package/dist/account/AccountInfo.mjs +77 -77
  3. package/dist/account/AuthToken.d.ts +17 -17
  4. package/dist/account/AuthToken.mjs +58 -58
  5. package/dist/account/CcsCredential.d.ts +9 -9
  6. package/dist/account/CcsCredential.mjs +8 -8
  7. package/dist/account/ClientCredentials.d.ts +19 -19
  8. package/dist/account/ClientInfo.d.ts +18 -18
  9. package/dist/account/ClientInfo.mjs +37 -37
  10. package/dist/account/TokenClaims.d.ts +83 -83
  11. package/dist/account/TokenClaims.mjs +20 -20
  12. package/dist/authority/Authority.d.ts +254 -254
  13. package/dist/authority/Authority.mjs +836 -836
  14. package/dist/authority/AuthorityFactory.d.ts +18 -18
  15. package/dist/authority/AuthorityFactory.mjs +28 -28
  16. package/dist/authority/AuthorityMetadata.d.ts +43 -43
  17. package/dist/authority/AuthorityMetadata.mjs +137 -137
  18. package/dist/authority/AuthorityOptions.d.ts +27 -27
  19. package/dist/authority/AuthorityOptions.mjs +18 -18
  20. package/dist/authority/AuthorityType.d.ts +10 -10
  21. package/dist/authority/AuthorityType.mjs +13 -13
  22. package/dist/authority/AzureRegion.d.ts +1 -1
  23. package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
  24. package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
  25. package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
  26. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
  27. package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
  28. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
  29. package/dist/authority/ImdsOptions.d.ts +5 -5
  30. package/dist/authority/OIDCOptions.d.ts +8 -8
  31. package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
  32. package/dist/authority/OpenIdConfigResponse.mjs +10 -10
  33. package/dist/authority/ProtocolMode.d.ts +8 -8
  34. package/dist/authority/ProtocolMode.mjs +11 -11
  35. package/dist/authority/RegionDiscovery.d.ts +32 -32
  36. package/dist/authority/RegionDiscovery.mjs +106 -106
  37. package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
  38. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
  39. package/dist/cache/CacheManager.d.ts +497 -497
  40. package/dist/cache/CacheManager.mjs +1249 -1249
  41. package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
  42. package/dist/cache/entities/AccountEntity.d.ts +106 -106
  43. package/dist/cache/entities/AccountEntity.mjs +240 -240
  44. package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
  45. package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
  46. package/dist/cache/entities/CacheRecord.d.ts +13 -13
  47. package/dist/cache/entities/CredentialEntity.d.ts +30 -30
  48. package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
  49. package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
  50. package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -5
  51. package/dist/cache/entities/ServerTelemetryEntity.d.ts.map +1 -1
  52. package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
  53. package/dist/cache/interface/ICacheManager.d.ts +166 -166
  54. package/dist/cache/interface/ICachePlugin.d.ts +5 -5
  55. package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
  56. package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
  57. package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
  58. package/dist/cache/utils/CacheHelpers.d.ts +94 -94
  59. package/dist/cache/utils/CacheHelpers.mjs +324 -324
  60. package/dist/cache/utils/CacheTypes.d.ts +69 -69
  61. package/dist/client/AuthorizationCodeClient.d.ts +74 -74
  62. package/dist/client/AuthorizationCodeClient.mjs +420 -420
  63. package/dist/client/BaseClient.d.ts +51 -51
  64. package/dist/client/BaseClient.mjs +100 -100
  65. package/dist/client/RefreshTokenClient.d.ts +35 -35
  66. package/dist/client/RefreshTokenClient.mjs +211 -211
  67. package/dist/client/SilentFlowClient.d.ts +27 -27
  68. package/dist/client/SilentFlowClient.mjs +133 -133
  69. package/dist/config/AppTokenProvider.d.ts +38 -38
  70. package/dist/config/ClientConfiguration.d.ts +150 -150
  71. package/dist/config/ClientConfiguration.mjs +95 -95
  72. package/dist/constants/AADServerParamKeys.d.ts +53 -52
  73. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  74. package/dist/constants/AADServerParamKeys.mjs +59 -58
  75. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  76. package/dist/crypto/ICrypto.d.ts +68 -68
  77. package/dist/crypto/ICrypto.mjs +36 -36
  78. package/dist/crypto/IGuidGenerator.d.ts +4 -4
  79. package/dist/crypto/JoseHeader.d.ts +22 -22
  80. package/dist/crypto/JoseHeader.mjs +37 -37
  81. package/dist/crypto/PopTokenGenerator.d.ts +59 -59
  82. package/dist/crypto/PopTokenGenerator.mjs +81 -81
  83. package/dist/crypto/SignedHttpRequest.d.ts +15 -15
  84. package/dist/error/AuthError.d.ts +44 -44
  85. package/dist/error/AuthError.mjs +46 -46
  86. package/dist/error/AuthErrorCodes.d.ts +5 -5
  87. package/dist/error/AuthErrorCodes.mjs +9 -9
  88. package/dist/error/CacheError.d.ts +20 -20
  89. package/dist/error/CacheError.mjs +24 -24
  90. package/dist/error/CacheErrorCodes.d.ts +2 -2
  91. package/dist/error/CacheErrorCodes.mjs +6 -6
  92. package/dist/error/ClientAuthError.d.ts +237 -237
  93. package/dist/error/ClientAuthError.mjs +249 -249
  94. package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
  95. package/dist/error/ClientAuthErrorCodes.mjs +48 -48
  96. package/dist/error/ClientConfigurationError.d.ts +128 -128
  97. package/dist/error/ClientConfigurationError.mjs +135 -135
  98. package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
  99. package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
  100. package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
  101. package/dist/error/InteractionRequiredAuthError.mjs +85 -85
  102. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
  103. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
  104. package/dist/error/JoseHeaderError.d.ts +15 -15
  105. package/dist/error/JoseHeaderError.mjs +22 -22
  106. package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
  107. package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
  108. package/dist/error/ServerError.d.ts +15 -15
  109. package/dist/error/ServerError.mjs +16 -16
  110. package/dist/index.cjs +8664 -8599
  111. package/dist/index.cjs.map +1 -1
  112. package/dist/index.d.ts +107 -107
  113. package/dist/index.mjs +1 -1
  114. package/dist/logger/Logger.d.ts +95 -95
  115. package/dist/logger/Logger.mjs +188 -188
  116. package/dist/network/INetworkModule.d.ts +29 -29
  117. package/dist/network/INetworkModule.mjs +12 -12
  118. package/dist/network/NetworkManager.d.ts +33 -33
  119. package/dist/network/NetworkManager.mjs +34 -34
  120. package/dist/network/RequestThumbprint.d.ts +18 -18
  121. package/dist/network/ThrottlingUtils.d.ts +42 -42
  122. package/dist/network/ThrottlingUtils.mjs +95 -95
  123. package/dist/packageMetadata.d.ts +2 -2
  124. package/dist/packageMetadata.mjs +4 -4
  125. package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
  126. package/dist/request/AuthenticationHeaderParser.mjs +55 -55
  127. package/dist/request/BaseAuthRequest.d.ts +47 -47
  128. package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
  129. package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
  130. package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
  131. package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
  132. package/dist/request/CommonEndSessionRequest.d.ts +21 -21
  133. package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
  134. package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
  135. package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
  136. package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
  137. package/dist/request/NativeRequest.d.ts +19 -19
  138. package/dist/request/NativeSignOutRequest.d.ts +5 -5
  139. package/dist/request/RequestParameterBuilder.d.ts +217 -217
  140. package/dist/request/RequestParameterBuilder.mjs +382 -382
  141. package/dist/request/RequestValidator.d.ts +27 -27
  142. package/dist/request/RequestValidator.mjs +64 -64
  143. package/dist/request/ScopeSet.d.ts +88 -88
  144. package/dist/request/ScopeSet.mjs +197 -197
  145. package/dist/request/StoreInCache.d.ts +8 -8
  146. package/dist/response/AuthenticationResult.d.ts +41 -41
  147. package/dist/response/AuthorizationCodePayload.d.ts +13 -13
  148. package/dist/response/DeviceCodeResponse.d.ts +25 -25
  149. package/dist/response/ExternalTokenResponse.d.ts +15 -15
  150. package/dist/response/IMDSBadResponse.d.ts +4 -4
  151. package/dist/response/ResponseHandler.d.ts +69 -69
  152. package/dist/response/ResponseHandler.mjs +374 -374
  153. package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
  154. package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
  155. package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
  156. package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
  157. package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
  158. package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
  159. package/dist/telemetry/performance/PerformanceEvent.d.ts +515 -505
  160. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  161. package/dist/telemetry/performance/PerformanceEvent.mjs +484 -480
  162. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  163. package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
  164. package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
  165. package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -66
  166. package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  167. package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -201
  168. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  169. package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
  170. package/dist/url/IUri.d.ts +12 -12
  171. package/dist/url/UrlString.d.ts +48 -48
  172. package/dist/url/UrlString.mjs +161 -161
  173. package/dist/utils/ClientAssertionUtils.d.ts +2 -2
  174. package/dist/utils/ClientAssertionUtils.mjs +16 -16
  175. package/dist/utils/Constants.d.ts +309 -309
  176. package/dist/utils/Constants.mjs +322 -322
  177. package/dist/utils/FunctionWrappers.d.ts +27 -27
  178. package/dist/utils/FunctionWrappers.mjs +94 -94
  179. package/dist/utils/MsalTypes.d.ts +6 -6
  180. package/dist/utils/ProtocolUtils.d.ts +42 -42
  181. package/dist/utils/ProtocolUtils.mjs +69 -69
  182. package/dist/utils/StringUtils.d.ts +40 -40
  183. package/dist/utils/StringUtils.mjs +95 -95
  184. package/dist/utils/TimeUtils.d.ts +25 -25
  185. package/dist/utils/TimeUtils.mjs +43 -43
  186. package/dist/utils/UrlUtils.d.ts +10 -10
  187. package/dist/utils/UrlUtils.mjs +44 -44
  188. package/package.json +1 -1
  189. package/src/cache/entities/ServerTelemetryEntity.ts +1 -0
  190. package/src/constants/AADServerParamKeys.ts +1 -0
  191. package/src/packageMetadata.ts +1 -1
  192. package/src/telemetry/performance/PerformanceEvent.ts +12 -0
  193. package/src/telemetry/server/ServerTelemetryManager.ts +95 -1
@@ -1,326 +1,326 @@
1
- /*! @azure/msal-common v14.13.1 2024-07-16 */
1
+ /*! @azure/msal-common v14.14.1 2024-08-13 */
2
2
  'use strict';
3
- /*
4
- * Copyright (c) Microsoft Corporation. All rights reserved.
5
- * Licensed under the MIT License.
6
- */
7
- const Constants = {
8
- LIBRARY_NAME: "MSAL.JS",
9
- SKU: "msal.js.common",
10
- // Prefix for all library cache entries
11
- CACHE_PREFIX: "msal",
12
- // default authority
13
- DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
14
- DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
15
- DEFAULT_COMMON_TENANT: "common",
16
- // ADFS String
17
- ADFS: "adfs",
18
- DSTS: "dstsv2",
19
- // Default AAD Instance Discovery Endpoint
20
- AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
21
- // CIAM URL
22
- CIAM_AUTH_URL: ".ciamlogin.com",
23
- AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
24
- // Resource delimiter - used for certain cache entries
25
- RESOURCE_DELIM: "|",
26
- // Placeholder for non-existent account ids/objects
27
- NO_ACCOUNT: "NO_ACCOUNT",
28
- // Claims
29
- CLAIMS: "claims",
30
- // Consumer UTID
31
- CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
32
- // Default scopes
33
- OPENID_SCOPE: "openid",
34
- PROFILE_SCOPE: "profile",
35
- OFFLINE_ACCESS_SCOPE: "offline_access",
36
- EMAIL_SCOPE: "email",
37
- // Default response type for authorization code flow
38
- CODE_RESPONSE_TYPE: "code",
39
- CODE_GRANT_TYPE: "authorization_code",
40
- RT_GRANT_TYPE: "refresh_token",
41
- FRAGMENT_RESPONSE_MODE: "fragment",
42
- S256_CODE_CHALLENGE_METHOD: "S256",
43
- URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
44
- AUTHORIZATION_PENDING: "authorization_pending",
45
- NOT_DEFINED: "not_defined",
46
- EMPTY_STRING: "",
47
- NOT_APPLICABLE: "N/A",
48
- NOT_AVAILABLE: "Not Available",
49
- FORWARD_SLASH: "/",
50
- IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
51
- IMDS_VERSION: "2020-06-01",
52
- IMDS_TIMEOUT: 2000,
53
- AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
54
- REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
55
- KNOWN_PUBLIC_CLOUDS: [
56
- "login.microsoftonline.com",
57
- "login.windows.net",
58
- "login.microsoft.com",
59
- "sts.windows.net",
60
- ],
61
- TOKEN_RESPONSE_TYPE: "token",
62
- ID_TOKEN_RESPONSE_TYPE: "id_token",
63
- SHR_NONCE_VALIDITY: 240,
64
- INVALID_INSTANCE: "invalid_instance",
65
- };
66
- const HttpStatus = {
67
- SUCCESS: 200,
68
- SUCCESS_RANGE_START: 200,
69
- SUCCESS_RANGE_END: 299,
70
- REDIRECT: 302,
71
- CLIENT_ERROR: 400,
72
- CLIENT_ERROR_RANGE_START: 400,
73
- BAD_REQUEST: 400,
74
- UNAUTHORIZED: 401,
75
- NOT_FOUND: 404,
76
- REQUEST_TIMEOUT: 408,
77
- TOO_MANY_REQUESTS: 429,
78
- CLIENT_ERROR_RANGE_END: 499,
79
- SERVER_ERROR: 500,
80
- SERVER_ERROR_RANGE_START: 500,
81
- SERVICE_UNAVAILABLE: 503,
82
- GATEWAY_TIMEOUT: 504,
83
- SERVER_ERROR_RANGE_END: 599,
84
- MULTI_SIDED_ERROR: 600,
85
- };
86
- const OIDC_DEFAULT_SCOPES = [
87
- Constants.OPENID_SCOPE,
88
- Constants.PROFILE_SCOPE,
89
- Constants.OFFLINE_ACCESS_SCOPE,
90
- ];
91
- const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
92
- /**
93
- * Request header names
94
- */
95
- const HeaderNames = {
96
- CONTENT_TYPE: "Content-Type",
97
- RETRY_AFTER: "Retry-After",
98
- CCS_HEADER: "X-AnchorMailbox",
99
- WWWAuthenticate: "WWW-Authenticate",
100
- AuthenticationInfo: "Authentication-Info",
101
- X_MS_REQUEST_ID: "x-ms-request-id",
102
- X_MS_HTTP_VERSION: "x-ms-httpver",
103
- };
104
- /**
105
- * Persistent cache keys MSAL which stay while user is logged in.
106
- */
107
- const PersistentCacheKeys = {
108
- ID_TOKEN: "idtoken",
109
- CLIENT_INFO: "client.info",
110
- ADAL_ID_TOKEN: "adal.idtoken",
111
- ERROR: "error",
112
- ERROR_DESC: "error.description",
113
- ACTIVE_ACCOUNT: "active-account",
114
- ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
115
- };
116
- /**
117
- * String constants related to AAD Authority
118
- */
119
- const AADAuthorityConstants = {
120
- COMMON: "common",
121
- ORGANIZATIONS: "organizations",
122
- CONSUMERS: "consumers",
123
- };
124
- /**
125
- * Claims request keys
126
- */
127
- const ClaimsRequestKeys = {
128
- ACCESS_TOKEN: "access_token",
129
- XMS_CC: "xms_cc",
130
- };
131
- /**
132
- * we considered making this "enum" in the request instead of string, however it looks like the allowed list of
133
- * prompt values kept changing over past couple of years. There are some undocumented prompt values for some
134
- * internal partners too, hence the choice of generic "string" type instead of the "enum"
135
- */
136
- const PromptValue = {
137
- LOGIN: "login",
138
- SELECT_ACCOUNT: "select_account",
139
- CONSENT: "consent",
140
- NONE: "none",
141
- CREATE: "create",
142
- NO_SESSION: "no_session",
143
- };
144
- /**
145
- * allowed values for codeVerifier
146
- */
147
- const CodeChallengeMethodValues = {
148
- PLAIN: "plain",
149
- S256: "S256",
150
- };
151
- /**
152
- * allowed values for server response type
153
- */
154
- const ServerResponseType = {
155
- QUERY: "query",
156
- FRAGMENT: "fragment",
157
- };
158
- /**
159
- * allowed values for response_mode
160
- */
161
- const ResponseMode = {
162
- ...ServerResponseType,
163
- FORM_POST: "form_post",
164
- };
165
- /**
166
- * allowed grant_type
167
- */
168
- const GrantType = {
169
- IMPLICIT_GRANT: "implicit",
170
- AUTHORIZATION_CODE_GRANT: "authorization_code",
171
- CLIENT_CREDENTIALS_GRANT: "client_credentials",
172
- RESOURCE_OWNER_PASSWORD_GRANT: "password",
173
- REFRESH_TOKEN_GRANT: "refresh_token",
174
- DEVICE_CODE_GRANT: "device_code",
175
- JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
176
- };
177
- /**
178
- * Account types in Cache
179
- */
180
- const CacheAccountType = {
181
- MSSTS_ACCOUNT_TYPE: "MSSTS",
182
- ADFS_ACCOUNT_TYPE: "ADFS",
183
- MSAV1_ACCOUNT_TYPE: "MSA",
184
- GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
185
- };
186
- /**
187
- * Separators used in cache
188
- */
189
- const Separators = {
190
- CACHE_KEY_SEPARATOR: "-",
191
- CLIENT_INFO_SEPARATOR: ".",
192
- };
193
- /**
194
- * Credential Type stored in the cache
195
- */
196
- const CredentialType = {
197
- ID_TOKEN: "IdToken",
198
- ACCESS_TOKEN: "AccessToken",
199
- ACCESS_TOKEN_WITH_AUTH_SCHEME: "AccessToken_With_AuthScheme",
200
- REFRESH_TOKEN: "RefreshToken",
201
- };
202
- /**
203
- * Combine all cache types
204
- */
205
- const CacheType = {
206
- ADFS: 1001,
207
- MSA: 1002,
208
- MSSTS: 1003,
209
- GENERIC: 1004,
210
- ACCESS_TOKEN: 2001,
211
- REFRESH_TOKEN: 2002,
212
- ID_TOKEN: 2003,
213
- APP_METADATA: 3001,
214
- UNDEFINED: 9999,
215
- };
216
- /**
217
- * More Cache related constants
218
- */
219
- const APP_METADATA = "appmetadata";
220
- const CLIENT_INFO = "client_info";
221
- const THE_FAMILY_ID = "1";
222
- const AUTHORITY_METADATA_CONSTANTS = {
223
- CACHE_KEY: "authority-metadata",
224
- REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours
225
- };
226
- const AuthorityMetadataSource = {
227
- CONFIG: "config",
228
- CACHE: "cache",
229
- NETWORK: "network",
230
- HARDCODED_VALUES: "hardcoded_values",
231
- };
232
- const SERVER_TELEM_CONSTANTS = {
233
- SCHEMA_VERSION: 5,
234
- MAX_CUR_HEADER_BYTES: 80,
235
- MAX_LAST_HEADER_BYTES: 330,
236
- MAX_CACHED_ERRORS: 50,
237
- CACHE_KEY: "server-telemetry",
238
- CATEGORY_SEPARATOR: "|",
239
- VALUE_SEPARATOR: ",",
240
- OVERFLOW_TRUE: "1",
241
- OVERFLOW_FALSE: "0",
242
- UNKNOWN_ERROR: "unknown_error",
243
- };
244
- /**
245
- * Type of the authentication request
246
- */
247
- const AuthenticationScheme = {
248
- BEARER: "Bearer",
249
- POP: "pop",
250
- SSH: "ssh-cert",
251
- };
252
- /**
253
- * Constants related to throttling
254
- */
255
- const ThrottlingConstants = {
256
- // Default time to throttle RequestThumbprint in seconds
257
- DEFAULT_THROTTLE_TIME_SECONDS: 60,
258
- // Default maximum time to throttle in seconds, overrides what the server sends back
259
- DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,
260
- // Prefix for storing throttling entries
261
- THROTTLING_PREFIX: "throttling",
262
- // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling
263
- X_MS_LIB_CAPABILITY_VALUE: "retry-after, h429",
264
- };
265
- const Errors = {
266
- INVALID_GRANT_ERROR: "invalid_grant",
267
- CLIENT_MISMATCH_ERROR: "client_mismatch",
268
- };
269
- /**
270
- * Password grant parameters
271
- */
272
- const PasswordGrantConstants = {
273
- username: "username",
274
- password: "password",
275
- };
276
- /**
277
- * Response codes
278
- */
279
- const ResponseCodes = {
280
- httpSuccess: 200,
281
- httpBadRequest: 400,
282
- };
283
- /**
284
- * Region Discovery Sources
285
- */
286
- const RegionDiscoverySources = {
287
- FAILED_AUTO_DETECTION: "1",
288
- INTERNAL_CACHE: "2",
289
- ENVIRONMENT_VARIABLE: "3",
290
- IMDS: "4",
291
- };
292
- /**
293
- * Region Discovery Outcomes
294
- */
295
- const RegionDiscoveryOutcomes = {
296
- CONFIGURED_MATCHES_DETECTED: "1",
297
- CONFIGURED_NO_AUTO_DETECTION: "2",
298
- CONFIGURED_NOT_DETECTED: "3",
299
- AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
300
- AUTO_DETECTION_REQUESTED_FAILED: "5",
301
- };
302
- /**
303
- * Specifies the reason for fetching the access token from the identity provider
304
- */
305
- const CacheOutcome = {
306
- // When a token is found in the cache or the cache is not supposed to be hit when making the request
307
- NOT_APPLICABLE: "0",
308
- // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested
309
- FORCE_REFRESH_OR_CLAIMS: "1",
310
- // When the token request goes to the identity provider because no cached access token exists
311
- NO_CACHED_ACCESS_TOKEN: "2",
312
- // When the token request goes to the identity provider because cached access token expired
313
- CACHED_ACCESS_TOKEN_EXPIRED: "3",
314
- // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed
315
- PROACTIVELY_REFRESHED: "4",
316
- };
317
- const JsonWebTokenTypes = {
318
- Jwt: "JWT",
319
- Jwk: "JWK",
320
- Pop: "pop",
321
- };
322
- const ONE_DAY_IN_MS = 86400000;
323
- // Token renewal offset default in seconds
3
+ /*
4
+ * Copyright (c) Microsoft Corporation. All rights reserved.
5
+ * Licensed under the MIT License.
6
+ */
7
+ const Constants = {
8
+ LIBRARY_NAME: "MSAL.JS",
9
+ SKU: "msal.js.common",
10
+ // Prefix for all library cache entries
11
+ CACHE_PREFIX: "msal",
12
+ // default authority
13
+ DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
14
+ DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
15
+ DEFAULT_COMMON_TENANT: "common",
16
+ // ADFS String
17
+ ADFS: "adfs",
18
+ DSTS: "dstsv2",
19
+ // Default AAD Instance Discovery Endpoint
20
+ AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
21
+ // CIAM URL
22
+ CIAM_AUTH_URL: ".ciamlogin.com",
23
+ AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
24
+ // Resource delimiter - used for certain cache entries
25
+ RESOURCE_DELIM: "|",
26
+ // Placeholder for non-existent account ids/objects
27
+ NO_ACCOUNT: "NO_ACCOUNT",
28
+ // Claims
29
+ CLAIMS: "claims",
30
+ // Consumer UTID
31
+ CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
32
+ // Default scopes
33
+ OPENID_SCOPE: "openid",
34
+ PROFILE_SCOPE: "profile",
35
+ OFFLINE_ACCESS_SCOPE: "offline_access",
36
+ EMAIL_SCOPE: "email",
37
+ // Default response type for authorization code flow
38
+ CODE_RESPONSE_TYPE: "code",
39
+ CODE_GRANT_TYPE: "authorization_code",
40
+ RT_GRANT_TYPE: "refresh_token",
41
+ FRAGMENT_RESPONSE_MODE: "fragment",
42
+ S256_CODE_CHALLENGE_METHOD: "S256",
43
+ URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
44
+ AUTHORIZATION_PENDING: "authorization_pending",
45
+ NOT_DEFINED: "not_defined",
46
+ EMPTY_STRING: "",
47
+ NOT_APPLICABLE: "N/A",
48
+ NOT_AVAILABLE: "Not Available",
49
+ FORWARD_SLASH: "/",
50
+ IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
51
+ IMDS_VERSION: "2020-06-01",
52
+ IMDS_TIMEOUT: 2000,
53
+ AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
54
+ REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
55
+ KNOWN_PUBLIC_CLOUDS: [
56
+ "login.microsoftonline.com",
57
+ "login.windows.net",
58
+ "login.microsoft.com",
59
+ "sts.windows.net",
60
+ ],
61
+ TOKEN_RESPONSE_TYPE: "token",
62
+ ID_TOKEN_RESPONSE_TYPE: "id_token",
63
+ SHR_NONCE_VALIDITY: 240,
64
+ INVALID_INSTANCE: "invalid_instance",
65
+ };
66
+ const HttpStatus = {
67
+ SUCCESS: 200,
68
+ SUCCESS_RANGE_START: 200,
69
+ SUCCESS_RANGE_END: 299,
70
+ REDIRECT: 302,
71
+ CLIENT_ERROR: 400,
72
+ CLIENT_ERROR_RANGE_START: 400,
73
+ BAD_REQUEST: 400,
74
+ UNAUTHORIZED: 401,
75
+ NOT_FOUND: 404,
76
+ REQUEST_TIMEOUT: 408,
77
+ TOO_MANY_REQUESTS: 429,
78
+ CLIENT_ERROR_RANGE_END: 499,
79
+ SERVER_ERROR: 500,
80
+ SERVER_ERROR_RANGE_START: 500,
81
+ SERVICE_UNAVAILABLE: 503,
82
+ GATEWAY_TIMEOUT: 504,
83
+ SERVER_ERROR_RANGE_END: 599,
84
+ MULTI_SIDED_ERROR: 600,
85
+ };
86
+ const OIDC_DEFAULT_SCOPES = [
87
+ Constants.OPENID_SCOPE,
88
+ Constants.PROFILE_SCOPE,
89
+ Constants.OFFLINE_ACCESS_SCOPE,
90
+ ];
91
+ const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
92
+ /**
93
+ * Request header names
94
+ */
95
+ const HeaderNames = {
96
+ CONTENT_TYPE: "Content-Type",
97
+ RETRY_AFTER: "Retry-After",
98
+ CCS_HEADER: "X-AnchorMailbox",
99
+ WWWAuthenticate: "WWW-Authenticate",
100
+ AuthenticationInfo: "Authentication-Info",
101
+ X_MS_REQUEST_ID: "x-ms-request-id",
102
+ X_MS_HTTP_VERSION: "x-ms-httpver",
103
+ };
104
+ /**
105
+ * Persistent cache keys MSAL which stay while user is logged in.
106
+ */
107
+ const PersistentCacheKeys = {
108
+ ID_TOKEN: "idtoken",
109
+ CLIENT_INFO: "client.info",
110
+ ADAL_ID_TOKEN: "adal.idtoken",
111
+ ERROR: "error",
112
+ ERROR_DESC: "error.description",
113
+ ACTIVE_ACCOUNT: "active-account",
114
+ ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
115
+ };
116
+ /**
117
+ * String constants related to AAD Authority
118
+ */
119
+ const AADAuthorityConstants = {
120
+ COMMON: "common",
121
+ ORGANIZATIONS: "organizations",
122
+ CONSUMERS: "consumers",
123
+ };
124
+ /**
125
+ * Claims request keys
126
+ */
127
+ const ClaimsRequestKeys = {
128
+ ACCESS_TOKEN: "access_token",
129
+ XMS_CC: "xms_cc",
130
+ };
131
+ /**
132
+ * we considered making this "enum" in the request instead of string, however it looks like the allowed list of
133
+ * prompt values kept changing over past couple of years. There are some undocumented prompt values for some
134
+ * internal partners too, hence the choice of generic "string" type instead of the "enum"
135
+ */
136
+ const PromptValue = {
137
+ LOGIN: "login",
138
+ SELECT_ACCOUNT: "select_account",
139
+ CONSENT: "consent",
140
+ NONE: "none",
141
+ CREATE: "create",
142
+ NO_SESSION: "no_session",
143
+ };
144
+ /**
145
+ * allowed values for codeVerifier
146
+ */
147
+ const CodeChallengeMethodValues = {
148
+ PLAIN: "plain",
149
+ S256: "S256",
150
+ };
151
+ /**
152
+ * allowed values for server response type
153
+ */
154
+ const ServerResponseType = {
155
+ QUERY: "query",
156
+ FRAGMENT: "fragment",
157
+ };
158
+ /**
159
+ * allowed values for response_mode
160
+ */
161
+ const ResponseMode = {
162
+ ...ServerResponseType,
163
+ FORM_POST: "form_post",
164
+ };
165
+ /**
166
+ * allowed grant_type
167
+ */
168
+ const GrantType = {
169
+ IMPLICIT_GRANT: "implicit",
170
+ AUTHORIZATION_CODE_GRANT: "authorization_code",
171
+ CLIENT_CREDENTIALS_GRANT: "client_credentials",
172
+ RESOURCE_OWNER_PASSWORD_GRANT: "password",
173
+ REFRESH_TOKEN_GRANT: "refresh_token",
174
+ DEVICE_CODE_GRANT: "device_code",
175
+ JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
176
+ };
177
+ /**
178
+ * Account types in Cache
179
+ */
180
+ const CacheAccountType = {
181
+ MSSTS_ACCOUNT_TYPE: "MSSTS",
182
+ ADFS_ACCOUNT_TYPE: "ADFS",
183
+ MSAV1_ACCOUNT_TYPE: "MSA",
184
+ GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
185
+ };
186
+ /**
187
+ * Separators used in cache
188
+ */
189
+ const Separators = {
190
+ CACHE_KEY_SEPARATOR: "-",
191
+ CLIENT_INFO_SEPARATOR: ".",
192
+ };
193
+ /**
194
+ * Credential Type stored in the cache
195
+ */
196
+ const CredentialType = {
197
+ ID_TOKEN: "IdToken",
198
+ ACCESS_TOKEN: "AccessToken",
199
+ ACCESS_TOKEN_WITH_AUTH_SCHEME: "AccessToken_With_AuthScheme",
200
+ REFRESH_TOKEN: "RefreshToken",
201
+ };
202
+ /**
203
+ * Combine all cache types
204
+ */
205
+ const CacheType = {
206
+ ADFS: 1001,
207
+ MSA: 1002,
208
+ MSSTS: 1003,
209
+ GENERIC: 1004,
210
+ ACCESS_TOKEN: 2001,
211
+ REFRESH_TOKEN: 2002,
212
+ ID_TOKEN: 2003,
213
+ APP_METADATA: 3001,
214
+ UNDEFINED: 9999,
215
+ };
216
+ /**
217
+ * More Cache related constants
218
+ */
219
+ const APP_METADATA = "appmetadata";
220
+ const CLIENT_INFO = "client_info";
221
+ const THE_FAMILY_ID = "1";
222
+ const AUTHORITY_METADATA_CONSTANTS = {
223
+ CACHE_KEY: "authority-metadata",
224
+ REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours
225
+ };
226
+ const AuthorityMetadataSource = {
227
+ CONFIG: "config",
228
+ CACHE: "cache",
229
+ NETWORK: "network",
230
+ HARDCODED_VALUES: "hardcoded_values",
231
+ };
232
+ const SERVER_TELEM_CONSTANTS = {
233
+ SCHEMA_VERSION: 5,
234
+ MAX_CUR_HEADER_BYTES: 80,
235
+ MAX_LAST_HEADER_BYTES: 330,
236
+ MAX_CACHED_ERRORS: 50,
237
+ CACHE_KEY: "server-telemetry",
238
+ CATEGORY_SEPARATOR: "|",
239
+ VALUE_SEPARATOR: ",",
240
+ OVERFLOW_TRUE: "1",
241
+ OVERFLOW_FALSE: "0",
242
+ UNKNOWN_ERROR: "unknown_error",
243
+ };
244
+ /**
245
+ * Type of the authentication request
246
+ */
247
+ const AuthenticationScheme = {
248
+ BEARER: "Bearer",
249
+ POP: "pop",
250
+ SSH: "ssh-cert",
251
+ };
252
+ /**
253
+ * Constants related to throttling
254
+ */
255
+ const ThrottlingConstants = {
256
+ // Default time to throttle RequestThumbprint in seconds
257
+ DEFAULT_THROTTLE_TIME_SECONDS: 60,
258
+ // Default maximum time to throttle in seconds, overrides what the server sends back
259
+ DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,
260
+ // Prefix for storing throttling entries
261
+ THROTTLING_PREFIX: "throttling",
262
+ // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling
263
+ X_MS_LIB_CAPABILITY_VALUE: "retry-after, h429",
264
+ };
265
+ const Errors = {
266
+ INVALID_GRANT_ERROR: "invalid_grant",
267
+ CLIENT_MISMATCH_ERROR: "client_mismatch",
268
+ };
269
+ /**
270
+ * Password grant parameters
271
+ */
272
+ const PasswordGrantConstants = {
273
+ username: "username",
274
+ password: "password",
275
+ };
276
+ /**
277
+ * Response codes
278
+ */
279
+ const ResponseCodes = {
280
+ httpSuccess: 200,
281
+ httpBadRequest: 400,
282
+ };
283
+ /**
284
+ * Region Discovery Sources
285
+ */
286
+ const RegionDiscoverySources = {
287
+ FAILED_AUTO_DETECTION: "1",
288
+ INTERNAL_CACHE: "2",
289
+ ENVIRONMENT_VARIABLE: "3",
290
+ IMDS: "4",
291
+ };
292
+ /**
293
+ * Region Discovery Outcomes
294
+ */
295
+ const RegionDiscoveryOutcomes = {
296
+ CONFIGURED_MATCHES_DETECTED: "1",
297
+ CONFIGURED_NO_AUTO_DETECTION: "2",
298
+ CONFIGURED_NOT_DETECTED: "3",
299
+ AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
300
+ AUTO_DETECTION_REQUESTED_FAILED: "5",
301
+ };
302
+ /**
303
+ * Specifies the reason for fetching the access token from the identity provider
304
+ */
305
+ const CacheOutcome = {
306
+ // When a token is found in the cache or the cache is not supposed to be hit when making the request
307
+ NOT_APPLICABLE: "0",
308
+ // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested
309
+ FORCE_REFRESH_OR_CLAIMS: "1",
310
+ // When the token request goes to the identity provider because no cached access token exists
311
+ NO_CACHED_ACCESS_TOKEN: "2",
312
+ // When the token request goes to the identity provider because cached access token expired
313
+ CACHED_ACCESS_TOKEN_EXPIRED: "3",
314
+ // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed
315
+ PROACTIVELY_REFRESHED: "4",
316
+ };
317
+ const JsonWebTokenTypes = {
318
+ Jwt: "JWT",
319
+ Jwk: "JWK",
320
+ Pop: "pop",
321
+ };
322
+ const ONE_DAY_IN_MS = 86400000;
323
+ // Token renewal offset default in seconds
324
324
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
325
325
 
326
326
  export { AADAuthorityConstants, APP_METADATA, AUTHORITY_METADATA_CONSTANTS, AuthenticationScheme, AuthorityMetadataSource, CLIENT_INFO, CacheAccountType, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, Constants, CredentialType, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, Errors, GrantType, HeaderNames, HttpStatus, JsonWebTokenTypes, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, PasswordGrantConstants, PersistentCacheKeys, PromptValue, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseCodes, ResponseMode, SERVER_TELEM_CONSTANTS, Separators, ServerResponseType, THE_FAMILY_ID, ThrottlingConstants };