@azure/msal-common 14.14.0 → 14.14.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (185) hide show
  1. package/dist/account/AccountInfo.d.ts +66 -66
  2. package/dist/account/AccountInfo.mjs +77 -77
  3. package/dist/account/AuthToken.d.ts +17 -17
  4. package/dist/account/AuthToken.mjs +58 -58
  5. package/dist/account/CcsCredential.d.ts +9 -9
  6. package/dist/account/CcsCredential.mjs +8 -8
  7. package/dist/account/ClientCredentials.d.ts +19 -19
  8. package/dist/account/ClientInfo.d.ts +18 -18
  9. package/dist/account/ClientInfo.mjs +37 -37
  10. package/dist/account/TokenClaims.d.ts +83 -83
  11. package/dist/account/TokenClaims.mjs +20 -20
  12. package/dist/authority/Authority.d.ts +254 -254
  13. package/dist/authority/Authority.mjs +836 -836
  14. package/dist/authority/AuthorityFactory.d.ts +18 -18
  15. package/dist/authority/AuthorityFactory.mjs +28 -28
  16. package/dist/authority/AuthorityMetadata.d.ts +43 -43
  17. package/dist/authority/AuthorityMetadata.mjs +137 -137
  18. package/dist/authority/AuthorityOptions.d.ts +27 -27
  19. package/dist/authority/AuthorityOptions.mjs +18 -18
  20. package/dist/authority/AuthorityType.d.ts +10 -10
  21. package/dist/authority/AuthorityType.mjs +13 -13
  22. package/dist/authority/AzureRegion.d.ts +1 -1
  23. package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
  24. package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
  25. package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
  26. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
  27. package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
  28. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
  29. package/dist/authority/ImdsOptions.d.ts +5 -5
  30. package/dist/authority/OIDCOptions.d.ts +8 -8
  31. package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
  32. package/dist/authority/OpenIdConfigResponse.mjs +10 -10
  33. package/dist/authority/ProtocolMode.d.ts +8 -8
  34. package/dist/authority/ProtocolMode.mjs +11 -11
  35. package/dist/authority/RegionDiscovery.d.ts +32 -32
  36. package/dist/authority/RegionDiscovery.mjs +106 -106
  37. package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
  38. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
  39. package/dist/cache/CacheManager.d.ts +497 -497
  40. package/dist/cache/CacheManager.mjs +1249 -1249
  41. package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
  42. package/dist/cache/entities/AccountEntity.d.ts +106 -106
  43. package/dist/cache/entities/AccountEntity.mjs +240 -240
  44. package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
  45. package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
  46. package/dist/cache/entities/CacheRecord.d.ts +13 -13
  47. package/dist/cache/entities/CredentialEntity.d.ts +30 -30
  48. package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
  49. package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
  50. package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -6
  51. package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
  52. package/dist/cache/interface/ICacheManager.d.ts +166 -166
  53. package/dist/cache/interface/ICachePlugin.d.ts +5 -5
  54. package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
  55. package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
  56. package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
  57. package/dist/cache/utils/CacheHelpers.d.ts +94 -94
  58. package/dist/cache/utils/CacheHelpers.mjs +324 -324
  59. package/dist/cache/utils/CacheTypes.d.ts +69 -69
  60. package/dist/client/AuthorizationCodeClient.d.ts +74 -74
  61. package/dist/client/AuthorizationCodeClient.mjs +420 -420
  62. package/dist/client/BaseClient.d.ts +51 -51
  63. package/dist/client/BaseClient.mjs +100 -100
  64. package/dist/client/RefreshTokenClient.d.ts +35 -35
  65. package/dist/client/RefreshTokenClient.mjs +211 -211
  66. package/dist/client/SilentFlowClient.d.ts +27 -27
  67. package/dist/client/SilentFlowClient.mjs +133 -133
  68. package/dist/config/AppTokenProvider.d.ts +38 -38
  69. package/dist/config/ClientConfiguration.d.ts +150 -150
  70. package/dist/config/ClientConfiguration.mjs +95 -95
  71. package/dist/constants/AADServerParamKeys.d.ts +53 -53
  72. package/dist/constants/AADServerParamKeys.mjs +57 -57
  73. package/dist/crypto/ICrypto.d.ts +68 -68
  74. package/dist/crypto/ICrypto.mjs +36 -36
  75. package/dist/crypto/IGuidGenerator.d.ts +4 -4
  76. package/dist/crypto/JoseHeader.d.ts +22 -22
  77. package/dist/crypto/JoseHeader.mjs +37 -37
  78. package/dist/crypto/PopTokenGenerator.d.ts +59 -59
  79. package/dist/crypto/PopTokenGenerator.mjs +81 -81
  80. package/dist/crypto/SignedHttpRequest.d.ts +15 -15
  81. package/dist/error/AuthError.d.ts +44 -44
  82. package/dist/error/AuthError.mjs +46 -46
  83. package/dist/error/AuthErrorCodes.d.ts +5 -5
  84. package/dist/error/AuthErrorCodes.mjs +9 -9
  85. package/dist/error/CacheError.d.ts +20 -20
  86. package/dist/error/CacheError.mjs +24 -24
  87. package/dist/error/CacheErrorCodes.d.ts +2 -2
  88. package/dist/error/CacheErrorCodes.mjs +6 -6
  89. package/dist/error/ClientAuthError.d.ts +237 -237
  90. package/dist/error/ClientAuthError.mjs +249 -249
  91. package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
  92. package/dist/error/ClientAuthErrorCodes.mjs +48 -48
  93. package/dist/error/ClientConfigurationError.d.ts +128 -128
  94. package/dist/error/ClientConfigurationError.mjs +135 -135
  95. package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
  96. package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
  97. package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
  98. package/dist/error/InteractionRequiredAuthError.mjs +85 -85
  99. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
  100. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
  101. package/dist/error/JoseHeaderError.d.ts +15 -15
  102. package/dist/error/JoseHeaderError.mjs +22 -22
  103. package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
  104. package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
  105. package/dist/error/ServerError.d.ts +15 -15
  106. package/dist/error/ServerError.mjs +16 -16
  107. package/dist/index.cjs +8662 -8658
  108. package/dist/index.cjs.map +1 -1
  109. package/dist/index.d.ts +107 -107
  110. package/dist/index.mjs +1 -1
  111. package/dist/logger/Logger.d.ts +95 -95
  112. package/dist/logger/Logger.mjs +188 -188
  113. package/dist/network/INetworkModule.d.ts +29 -29
  114. package/dist/network/INetworkModule.mjs +12 -12
  115. package/dist/network/NetworkManager.d.ts +33 -33
  116. package/dist/network/NetworkManager.mjs +34 -34
  117. package/dist/network/RequestThumbprint.d.ts +18 -18
  118. package/dist/network/ThrottlingUtils.d.ts +42 -42
  119. package/dist/network/ThrottlingUtils.mjs +95 -95
  120. package/dist/packageMetadata.d.ts +2 -2
  121. package/dist/packageMetadata.mjs +4 -4
  122. package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
  123. package/dist/request/AuthenticationHeaderParser.mjs +55 -55
  124. package/dist/request/BaseAuthRequest.d.ts +47 -47
  125. package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
  126. package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
  127. package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
  128. package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
  129. package/dist/request/CommonEndSessionRequest.d.ts +21 -21
  130. package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
  131. package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
  132. package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
  133. package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
  134. package/dist/request/NativeRequest.d.ts +19 -19
  135. package/dist/request/NativeSignOutRequest.d.ts +5 -5
  136. package/dist/request/RequestParameterBuilder.d.ts +217 -217
  137. package/dist/request/RequestParameterBuilder.mjs +382 -382
  138. package/dist/request/RequestValidator.d.ts +27 -27
  139. package/dist/request/RequestValidator.mjs +64 -64
  140. package/dist/request/ScopeSet.d.ts +88 -88
  141. package/dist/request/ScopeSet.mjs +197 -197
  142. package/dist/request/StoreInCache.d.ts +8 -8
  143. package/dist/response/AuthenticationResult.d.ts +41 -41
  144. package/dist/response/AuthorizationCodePayload.d.ts +13 -13
  145. package/dist/response/DeviceCodeResponse.d.ts +25 -25
  146. package/dist/response/ExternalTokenResponse.d.ts +15 -15
  147. package/dist/response/IMDSBadResponse.d.ts +4 -4
  148. package/dist/response/ResponseHandler.d.ts +69 -69
  149. package/dist/response/ResponseHandler.mjs +374 -374
  150. package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
  151. package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
  152. package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
  153. package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
  154. package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
  155. package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
  156. package/dist/telemetry/performance/PerformanceEvent.d.ts +515 -505
  157. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  158. package/dist/telemetry/performance/PerformanceEvent.mjs +484 -480
  159. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  160. package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
  161. package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
  162. package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -78
  163. package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -260
  164. package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
  165. package/dist/url/IUri.d.ts +12 -12
  166. package/dist/url/UrlString.d.ts +48 -48
  167. package/dist/url/UrlString.mjs +161 -161
  168. package/dist/utils/ClientAssertionUtils.d.ts +2 -2
  169. package/dist/utils/ClientAssertionUtils.mjs +16 -16
  170. package/dist/utils/Constants.d.ts +309 -309
  171. package/dist/utils/Constants.mjs +322 -322
  172. package/dist/utils/FunctionWrappers.d.ts +27 -27
  173. package/dist/utils/FunctionWrappers.mjs +94 -94
  174. package/dist/utils/MsalTypes.d.ts +6 -6
  175. package/dist/utils/ProtocolUtils.d.ts +42 -42
  176. package/dist/utils/ProtocolUtils.mjs +69 -69
  177. package/dist/utils/StringUtils.d.ts +40 -40
  178. package/dist/utils/StringUtils.mjs +95 -95
  179. package/dist/utils/TimeUtils.d.ts +25 -25
  180. package/dist/utils/TimeUtils.mjs +43 -43
  181. package/dist/utils/UrlUtils.d.ts +10 -10
  182. package/dist/utils/UrlUtils.mjs +44 -44
  183. package/package.json +1 -1
  184. package/src/packageMetadata.ts +1 -1
  185. package/src/telemetry/performance/PerformanceEvent.ts +12 -0
@@ -1,326 +1,326 @@
1
- /*! @azure/msal-common v14.14.0 2024-07-23 */
1
+ /*! @azure/msal-common v14.14.1 2024-08-13 */
2
2
  'use strict';
3
- /*
4
- * Copyright (c) Microsoft Corporation. All rights reserved.
5
- * Licensed under the MIT License.
6
- */
7
- const Constants = {
8
- LIBRARY_NAME: "MSAL.JS",
9
- SKU: "msal.js.common",
10
- // Prefix for all library cache entries
11
- CACHE_PREFIX: "msal",
12
- // default authority
13
- DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
14
- DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
15
- DEFAULT_COMMON_TENANT: "common",
16
- // ADFS String
17
- ADFS: "adfs",
18
- DSTS: "dstsv2",
19
- // Default AAD Instance Discovery Endpoint
20
- AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
21
- // CIAM URL
22
- CIAM_AUTH_URL: ".ciamlogin.com",
23
- AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
24
- // Resource delimiter - used for certain cache entries
25
- RESOURCE_DELIM: "|",
26
- // Placeholder for non-existent account ids/objects
27
- NO_ACCOUNT: "NO_ACCOUNT",
28
- // Claims
29
- CLAIMS: "claims",
30
- // Consumer UTID
31
- CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
32
- // Default scopes
33
- OPENID_SCOPE: "openid",
34
- PROFILE_SCOPE: "profile",
35
- OFFLINE_ACCESS_SCOPE: "offline_access",
36
- EMAIL_SCOPE: "email",
37
- // Default response type for authorization code flow
38
- CODE_RESPONSE_TYPE: "code",
39
- CODE_GRANT_TYPE: "authorization_code",
40
- RT_GRANT_TYPE: "refresh_token",
41
- FRAGMENT_RESPONSE_MODE: "fragment",
42
- S256_CODE_CHALLENGE_METHOD: "S256",
43
- URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
44
- AUTHORIZATION_PENDING: "authorization_pending",
45
- NOT_DEFINED: "not_defined",
46
- EMPTY_STRING: "",
47
- NOT_APPLICABLE: "N/A",
48
- NOT_AVAILABLE: "Not Available",
49
- FORWARD_SLASH: "/",
50
- IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
51
- IMDS_VERSION: "2020-06-01",
52
- IMDS_TIMEOUT: 2000,
53
- AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
54
- REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
55
- KNOWN_PUBLIC_CLOUDS: [
56
- "login.microsoftonline.com",
57
- "login.windows.net",
58
- "login.microsoft.com",
59
- "sts.windows.net",
60
- ],
61
- TOKEN_RESPONSE_TYPE: "token",
62
- ID_TOKEN_RESPONSE_TYPE: "id_token",
63
- SHR_NONCE_VALIDITY: 240,
64
- INVALID_INSTANCE: "invalid_instance",
65
- };
66
- const HttpStatus = {
67
- SUCCESS: 200,
68
- SUCCESS_RANGE_START: 200,
69
- SUCCESS_RANGE_END: 299,
70
- REDIRECT: 302,
71
- CLIENT_ERROR: 400,
72
- CLIENT_ERROR_RANGE_START: 400,
73
- BAD_REQUEST: 400,
74
- UNAUTHORIZED: 401,
75
- NOT_FOUND: 404,
76
- REQUEST_TIMEOUT: 408,
77
- TOO_MANY_REQUESTS: 429,
78
- CLIENT_ERROR_RANGE_END: 499,
79
- SERVER_ERROR: 500,
80
- SERVER_ERROR_RANGE_START: 500,
81
- SERVICE_UNAVAILABLE: 503,
82
- GATEWAY_TIMEOUT: 504,
83
- SERVER_ERROR_RANGE_END: 599,
84
- MULTI_SIDED_ERROR: 600,
85
- };
86
- const OIDC_DEFAULT_SCOPES = [
87
- Constants.OPENID_SCOPE,
88
- Constants.PROFILE_SCOPE,
89
- Constants.OFFLINE_ACCESS_SCOPE,
90
- ];
91
- const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
92
- /**
93
- * Request header names
94
- */
95
- const HeaderNames = {
96
- CONTENT_TYPE: "Content-Type",
97
- RETRY_AFTER: "Retry-After",
98
- CCS_HEADER: "X-AnchorMailbox",
99
- WWWAuthenticate: "WWW-Authenticate",
100
- AuthenticationInfo: "Authentication-Info",
101
- X_MS_REQUEST_ID: "x-ms-request-id",
102
- X_MS_HTTP_VERSION: "x-ms-httpver",
103
- };
104
- /**
105
- * Persistent cache keys MSAL which stay while user is logged in.
106
- */
107
- const PersistentCacheKeys = {
108
- ID_TOKEN: "idtoken",
109
- CLIENT_INFO: "client.info",
110
- ADAL_ID_TOKEN: "adal.idtoken",
111
- ERROR: "error",
112
- ERROR_DESC: "error.description",
113
- ACTIVE_ACCOUNT: "active-account",
114
- ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
115
- };
116
- /**
117
- * String constants related to AAD Authority
118
- */
119
- const AADAuthorityConstants = {
120
- COMMON: "common",
121
- ORGANIZATIONS: "organizations",
122
- CONSUMERS: "consumers",
123
- };
124
- /**
125
- * Claims request keys
126
- */
127
- const ClaimsRequestKeys = {
128
- ACCESS_TOKEN: "access_token",
129
- XMS_CC: "xms_cc",
130
- };
131
- /**
132
- * we considered making this "enum" in the request instead of string, however it looks like the allowed list of
133
- * prompt values kept changing over past couple of years. There are some undocumented prompt values for some
134
- * internal partners too, hence the choice of generic "string" type instead of the "enum"
135
- */
136
- const PromptValue = {
137
- LOGIN: "login",
138
- SELECT_ACCOUNT: "select_account",
139
- CONSENT: "consent",
140
- NONE: "none",
141
- CREATE: "create",
142
- NO_SESSION: "no_session",
143
- };
144
- /**
145
- * allowed values for codeVerifier
146
- */
147
- const CodeChallengeMethodValues = {
148
- PLAIN: "plain",
149
- S256: "S256",
150
- };
151
- /**
152
- * allowed values for server response type
153
- */
154
- const ServerResponseType = {
155
- QUERY: "query",
156
- FRAGMENT: "fragment",
157
- };
158
- /**
159
- * allowed values for response_mode
160
- */
161
- const ResponseMode = {
162
- ...ServerResponseType,
163
- FORM_POST: "form_post",
164
- };
165
- /**
166
- * allowed grant_type
167
- */
168
- const GrantType = {
169
- IMPLICIT_GRANT: "implicit",
170
- AUTHORIZATION_CODE_GRANT: "authorization_code",
171
- CLIENT_CREDENTIALS_GRANT: "client_credentials",
172
- RESOURCE_OWNER_PASSWORD_GRANT: "password",
173
- REFRESH_TOKEN_GRANT: "refresh_token",
174
- DEVICE_CODE_GRANT: "device_code",
175
- JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
176
- };
177
- /**
178
- * Account types in Cache
179
- */
180
- const CacheAccountType = {
181
- MSSTS_ACCOUNT_TYPE: "MSSTS",
182
- ADFS_ACCOUNT_TYPE: "ADFS",
183
- MSAV1_ACCOUNT_TYPE: "MSA",
184
- GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
185
- };
186
- /**
187
- * Separators used in cache
188
- */
189
- const Separators = {
190
- CACHE_KEY_SEPARATOR: "-",
191
- CLIENT_INFO_SEPARATOR: ".",
192
- };
193
- /**
194
- * Credential Type stored in the cache
195
- */
196
- const CredentialType = {
197
- ID_TOKEN: "IdToken",
198
- ACCESS_TOKEN: "AccessToken",
199
- ACCESS_TOKEN_WITH_AUTH_SCHEME: "AccessToken_With_AuthScheme",
200
- REFRESH_TOKEN: "RefreshToken",
201
- };
202
- /**
203
- * Combine all cache types
204
- */
205
- const CacheType = {
206
- ADFS: 1001,
207
- MSA: 1002,
208
- MSSTS: 1003,
209
- GENERIC: 1004,
210
- ACCESS_TOKEN: 2001,
211
- REFRESH_TOKEN: 2002,
212
- ID_TOKEN: 2003,
213
- APP_METADATA: 3001,
214
- UNDEFINED: 9999,
215
- };
216
- /**
217
- * More Cache related constants
218
- */
219
- const APP_METADATA = "appmetadata";
220
- const CLIENT_INFO = "client_info";
221
- const THE_FAMILY_ID = "1";
222
- const AUTHORITY_METADATA_CONSTANTS = {
223
- CACHE_KEY: "authority-metadata",
224
- REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours
225
- };
226
- const AuthorityMetadataSource = {
227
- CONFIG: "config",
228
- CACHE: "cache",
229
- NETWORK: "network",
230
- HARDCODED_VALUES: "hardcoded_values",
231
- };
232
- const SERVER_TELEM_CONSTANTS = {
233
- SCHEMA_VERSION: 5,
234
- MAX_CUR_HEADER_BYTES: 80,
235
- MAX_LAST_HEADER_BYTES: 330,
236
- MAX_CACHED_ERRORS: 50,
237
- CACHE_KEY: "server-telemetry",
238
- CATEGORY_SEPARATOR: "|",
239
- VALUE_SEPARATOR: ",",
240
- OVERFLOW_TRUE: "1",
241
- OVERFLOW_FALSE: "0",
242
- UNKNOWN_ERROR: "unknown_error",
243
- };
244
- /**
245
- * Type of the authentication request
246
- */
247
- const AuthenticationScheme = {
248
- BEARER: "Bearer",
249
- POP: "pop",
250
- SSH: "ssh-cert",
251
- };
252
- /**
253
- * Constants related to throttling
254
- */
255
- const ThrottlingConstants = {
256
- // Default time to throttle RequestThumbprint in seconds
257
- DEFAULT_THROTTLE_TIME_SECONDS: 60,
258
- // Default maximum time to throttle in seconds, overrides what the server sends back
259
- DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,
260
- // Prefix for storing throttling entries
261
- THROTTLING_PREFIX: "throttling",
262
- // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling
263
- X_MS_LIB_CAPABILITY_VALUE: "retry-after, h429",
264
- };
265
- const Errors = {
266
- INVALID_GRANT_ERROR: "invalid_grant",
267
- CLIENT_MISMATCH_ERROR: "client_mismatch",
268
- };
269
- /**
270
- * Password grant parameters
271
- */
272
- const PasswordGrantConstants = {
273
- username: "username",
274
- password: "password",
275
- };
276
- /**
277
- * Response codes
278
- */
279
- const ResponseCodes = {
280
- httpSuccess: 200,
281
- httpBadRequest: 400,
282
- };
283
- /**
284
- * Region Discovery Sources
285
- */
286
- const RegionDiscoverySources = {
287
- FAILED_AUTO_DETECTION: "1",
288
- INTERNAL_CACHE: "2",
289
- ENVIRONMENT_VARIABLE: "3",
290
- IMDS: "4",
291
- };
292
- /**
293
- * Region Discovery Outcomes
294
- */
295
- const RegionDiscoveryOutcomes = {
296
- CONFIGURED_MATCHES_DETECTED: "1",
297
- CONFIGURED_NO_AUTO_DETECTION: "2",
298
- CONFIGURED_NOT_DETECTED: "3",
299
- AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
300
- AUTO_DETECTION_REQUESTED_FAILED: "5",
301
- };
302
- /**
303
- * Specifies the reason for fetching the access token from the identity provider
304
- */
305
- const CacheOutcome = {
306
- // When a token is found in the cache or the cache is not supposed to be hit when making the request
307
- NOT_APPLICABLE: "0",
308
- // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested
309
- FORCE_REFRESH_OR_CLAIMS: "1",
310
- // When the token request goes to the identity provider because no cached access token exists
311
- NO_CACHED_ACCESS_TOKEN: "2",
312
- // When the token request goes to the identity provider because cached access token expired
313
- CACHED_ACCESS_TOKEN_EXPIRED: "3",
314
- // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed
315
- PROACTIVELY_REFRESHED: "4",
316
- };
317
- const JsonWebTokenTypes = {
318
- Jwt: "JWT",
319
- Jwk: "JWK",
320
- Pop: "pop",
321
- };
322
- const ONE_DAY_IN_MS = 86400000;
323
- // Token renewal offset default in seconds
3
+ /*
4
+ * Copyright (c) Microsoft Corporation. All rights reserved.
5
+ * Licensed under the MIT License.
6
+ */
7
+ const Constants = {
8
+ LIBRARY_NAME: "MSAL.JS",
9
+ SKU: "msal.js.common",
10
+ // Prefix for all library cache entries
11
+ CACHE_PREFIX: "msal",
12
+ // default authority
13
+ DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
14
+ DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
15
+ DEFAULT_COMMON_TENANT: "common",
16
+ // ADFS String
17
+ ADFS: "adfs",
18
+ DSTS: "dstsv2",
19
+ // Default AAD Instance Discovery Endpoint
20
+ AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
21
+ // CIAM URL
22
+ CIAM_AUTH_URL: ".ciamlogin.com",
23
+ AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
24
+ // Resource delimiter - used for certain cache entries
25
+ RESOURCE_DELIM: "|",
26
+ // Placeholder for non-existent account ids/objects
27
+ NO_ACCOUNT: "NO_ACCOUNT",
28
+ // Claims
29
+ CLAIMS: "claims",
30
+ // Consumer UTID
31
+ CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
32
+ // Default scopes
33
+ OPENID_SCOPE: "openid",
34
+ PROFILE_SCOPE: "profile",
35
+ OFFLINE_ACCESS_SCOPE: "offline_access",
36
+ EMAIL_SCOPE: "email",
37
+ // Default response type for authorization code flow
38
+ CODE_RESPONSE_TYPE: "code",
39
+ CODE_GRANT_TYPE: "authorization_code",
40
+ RT_GRANT_TYPE: "refresh_token",
41
+ FRAGMENT_RESPONSE_MODE: "fragment",
42
+ S256_CODE_CHALLENGE_METHOD: "S256",
43
+ URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
44
+ AUTHORIZATION_PENDING: "authorization_pending",
45
+ NOT_DEFINED: "not_defined",
46
+ EMPTY_STRING: "",
47
+ NOT_APPLICABLE: "N/A",
48
+ NOT_AVAILABLE: "Not Available",
49
+ FORWARD_SLASH: "/",
50
+ IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
51
+ IMDS_VERSION: "2020-06-01",
52
+ IMDS_TIMEOUT: 2000,
53
+ AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
54
+ REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
55
+ KNOWN_PUBLIC_CLOUDS: [
56
+ "login.microsoftonline.com",
57
+ "login.windows.net",
58
+ "login.microsoft.com",
59
+ "sts.windows.net",
60
+ ],
61
+ TOKEN_RESPONSE_TYPE: "token",
62
+ ID_TOKEN_RESPONSE_TYPE: "id_token",
63
+ SHR_NONCE_VALIDITY: 240,
64
+ INVALID_INSTANCE: "invalid_instance",
65
+ };
66
+ const HttpStatus = {
67
+ SUCCESS: 200,
68
+ SUCCESS_RANGE_START: 200,
69
+ SUCCESS_RANGE_END: 299,
70
+ REDIRECT: 302,
71
+ CLIENT_ERROR: 400,
72
+ CLIENT_ERROR_RANGE_START: 400,
73
+ BAD_REQUEST: 400,
74
+ UNAUTHORIZED: 401,
75
+ NOT_FOUND: 404,
76
+ REQUEST_TIMEOUT: 408,
77
+ TOO_MANY_REQUESTS: 429,
78
+ CLIENT_ERROR_RANGE_END: 499,
79
+ SERVER_ERROR: 500,
80
+ SERVER_ERROR_RANGE_START: 500,
81
+ SERVICE_UNAVAILABLE: 503,
82
+ GATEWAY_TIMEOUT: 504,
83
+ SERVER_ERROR_RANGE_END: 599,
84
+ MULTI_SIDED_ERROR: 600,
85
+ };
86
+ const OIDC_DEFAULT_SCOPES = [
87
+ Constants.OPENID_SCOPE,
88
+ Constants.PROFILE_SCOPE,
89
+ Constants.OFFLINE_ACCESS_SCOPE,
90
+ ];
91
+ const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
92
+ /**
93
+ * Request header names
94
+ */
95
+ const HeaderNames = {
96
+ CONTENT_TYPE: "Content-Type",
97
+ RETRY_AFTER: "Retry-After",
98
+ CCS_HEADER: "X-AnchorMailbox",
99
+ WWWAuthenticate: "WWW-Authenticate",
100
+ AuthenticationInfo: "Authentication-Info",
101
+ X_MS_REQUEST_ID: "x-ms-request-id",
102
+ X_MS_HTTP_VERSION: "x-ms-httpver",
103
+ };
104
+ /**
105
+ * Persistent cache keys MSAL which stay while user is logged in.
106
+ */
107
+ const PersistentCacheKeys = {
108
+ ID_TOKEN: "idtoken",
109
+ CLIENT_INFO: "client.info",
110
+ ADAL_ID_TOKEN: "adal.idtoken",
111
+ ERROR: "error",
112
+ ERROR_DESC: "error.description",
113
+ ACTIVE_ACCOUNT: "active-account",
114
+ ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
115
+ };
116
+ /**
117
+ * String constants related to AAD Authority
118
+ */
119
+ const AADAuthorityConstants = {
120
+ COMMON: "common",
121
+ ORGANIZATIONS: "organizations",
122
+ CONSUMERS: "consumers",
123
+ };
124
+ /**
125
+ * Claims request keys
126
+ */
127
+ const ClaimsRequestKeys = {
128
+ ACCESS_TOKEN: "access_token",
129
+ XMS_CC: "xms_cc",
130
+ };
131
+ /**
132
+ * we considered making this "enum" in the request instead of string, however it looks like the allowed list of
133
+ * prompt values kept changing over past couple of years. There are some undocumented prompt values for some
134
+ * internal partners too, hence the choice of generic "string" type instead of the "enum"
135
+ */
136
+ const PromptValue = {
137
+ LOGIN: "login",
138
+ SELECT_ACCOUNT: "select_account",
139
+ CONSENT: "consent",
140
+ NONE: "none",
141
+ CREATE: "create",
142
+ NO_SESSION: "no_session",
143
+ };
144
+ /**
145
+ * allowed values for codeVerifier
146
+ */
147
+ const CodeChallengeMethodValues = {
148
+ PLAIN: "plain",
149
+ S256: "S256",
150
+ };
151
+ /**
152
+ * allowed values for server response type
153
+ */
154
+ const ServerResponseType = {
155
+ QUERY: "query",
156
+ FRAGMENT: "fragment",
157
+ };
158
+ /**
159
+ * allowed values for response_mode
160
+ */
161
+ const ResponseMode = {
162
+ ...ServerResponseType,
163
+ FORM_POST: "form_post",
164
+ };
165
+ /**
166
+ * allowed grant_type
167
+ */
168
+ const GrantType = {
169
+ IMPLICIT_GRANT: "implicit",
170
+ AUTHORIZATION_CODE_GRANT: "authorization_code",
171
+ CLIENT_CREDENTIALS_GRANT: "client_credentials",
172
+ RESOURCE_OWNER_PASSWORD_GRANT: "password",
173
+ REFRESH_TOKEN_GRANT: "refresh_token",
174
+ DEVICE_CODE_GRANT: "device_code",
175
+ JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
176
+ };
177
+ /**
178
+ * Account types in Cache
179
+ */
180
+ const CacheAccountType = {
181
+ MSSTS_ACCOUNT_TYPE: "MSSTS",
182
+ ADFS_ACCOUNT_TYPE: "ADFS",
183
+ MSAV1_ACCOUNT_TYPE: "MSA",
184
+ GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
185
+ };
186
+ /**
187
+ * Separators used in cache
188
+ */
189
+ const Separators = {
190
+ CACHE_KEY_SEPARATOR: "-",
191
+ CLIENT_INFO_SEPARATOR: ".",
192
+ };
193
+ /**
194
+ * Credential Type stored in the cache
195
+ */
196
+ const CredentialType = {
197
+ ID_TOKEN: "IdToken",
198
+ ACCESS_TOKEN: "AccessToken",
199
+ ACCESS_TOKEN_WITH_AUTH_SCHEME: "AccessToken_With_AuthScheme",
200
+ REFRESH_TOKEN: "RefreshToken",
201
+ };
202
+ /**
203
+ * Combine all cache types
204
+ */
205
+ const CacheType = {
206
+ ADFS: 1001,
207
+ MSA: 1002,
208
+ MSSTS: 1003,
209
+ GENERIC: 1004,
210
+ ACCESS_TOKEN: 2001,
211
+ REFRESH_TOKEN: 2002,
212
+ ID_TOKEN: 2003,
213
+ APP_METADATA: 3001,
214
+ UNDEFINED: 9999,
215
+ };
216
+ /**
217
+ * More Cache related constants
218
+ */
219
+ const APP_METADATA = "appmetadata";
220
+ const CLIENT_INFO = "client_info";
221
+ const THE_FAMILY_ID = "1";
222
+ const AUTHORITY_METADATA_CONSTANTS = {
223
+ CACHE_KEY: "authority-metadata",
224
+ REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours
225
+ };
226
+ const AuthorityMetadataSource = {
227
+ CONFIG: "config",
228
+ CACHE: "cache",
229
+ NETWORK: "network",
230
+ HARDCODED_VALUES: "hardcoded_values",
231
+ };
232
+ const SERVER_TELEM_CONSTANTS = {
233
+ SCHEMA_VERSION: 5,
234
+ MAX_CUR_HEADER_BYTES: 80,
235
+ MAX_LAST_HEADER_BYTES: 330,
236
+ MAX_CACHED_ERRORS: 50,
237
+ CACHE_KEY: "server-telemetry",
238
+ CATEGORY_SEPARATOR: "|",
239
+ VALUE_SEPARATOR: ",",
240
+ OVERFLOW_TRUE: "1",
241
+ OVERFLOW_FALSE: "0",
242
+ UNKNOWN_ERROR: "unknown_error",
243
+ };
244
+ /**
245
+ * Type of the authentication request
246
+ */
247
+ const AuthenticationScheme = {
248
+ BEARER: "Bearer",
249
+ POP: "pop",
250
+ SSH: "ssh-cert",
251
+ };
252
+ /**
253
+ * Constants related to throttling
254
+ */
255
+ const ThrottlingConstants = {
256
+ // Default time to throttle RequestThumbprint in seconds
257
+ DEFAULT_THROTTLE_TIME_SECONDS: 60,
258
+ // Default maximum time to throttle in seconds, overrides what the server sends back
259
+ DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,
260
+ // Prefix for storing throttling entries
261
+ THROTTLING_PREFIX: "throttling",
262
+ // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling
263
+ X_MS_LIB_CAPABILITY_VALUE: "retry-after, h429",
264
+ };
265
+ const Errors = {
266
+ INVALID_GRANT_ERROR: "invalid_grant",
267
+ CLIENT_MISMATCH_ERROR: "client_mismatch",
268
+ };
269
+ /**
270
+ * Password grant parameters
271
+ */
272
+ const PasswordGrantConstants = {
273
+ username: "username",
274
+ password: "password",
275
+ };
276
+ /**
277
+ * Response codes
278
+ */
279
+ const ResponseCodes = {
280
+ httpSuccess: 200,
281
+ httpBadRequest: 400,
282
+ };
283
+ /**
284
+ * Region Discovery Sources
285
+ */
286
+ const RegionDiscoverySources = {
287
+ FAILED_AUTO_DETECTION: "1",
288
+ INTERNAL_CACHE: "2",
289
+ ENVIRONMENT_VARIABLE: "3",
290
+ IMDS: "4",
291
+ };
292
+ /**
293
+ * Region Discovery Outcomes
294
+ */
295
+ const RegionDiscoveryOutcomes = {
296
+ CONFIGURED_MATCHES_DETECTED: "1",
297
+ CONFIGURED_NO_AUTO_DETECTION: "2",
298
+ CONFIGURED_NOT_DETECTED: "3",
299
+ AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
300
+ AUTO_DETECTION_REQUESTED_FAILED: "5",
301
+ };
302
+ /**
303
+ * Specifies the reason for fetching the access token from the identity provider
304
+ */
305
+ const CacheOutcome = {
306
+ // When a token is found in the cache or the cache is not supposed to be hit when making the request
307
+ NOT_APPLICABLE: "0",
308
+ // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested
309
+ FORCE_REFRESH_OR_CLAIMS: "1",
310
+ // When the token request goes to the identity provider because no cached access token exists
311
+ NO_CACHED_ACCESS_TOKEN: "2",
312
+ // When the token request goes to the identity provider because cached access token expired
313
+ CACHED_ACCESS_TOKEN_EXPIRED: "3",
314
+ // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed
315
+ PROACTIVELY_REFRESHED: "4",
316
+ };
317
+ const JsonWebTokenTypes = {
318
+ Jwt: "JWT",
319
+ Jwk: "JWK",
320
+ Pop: "pop",
321
+ };
322
+ const ONE_DAY_IN_MS = 86400000;
323
+ // Token renewal offset default in seconds
324
324
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
325
325
 
326
326
  export { AADAuthorityConstants, APP_METADATA, AUTHORITY_METADATA_CONSTANTS, AuthenticationScheme, AuthorityMetadataSource, CLIENT_INFO, CacheAccountType, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, Constants, CredentialType, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, Errors, GrantType, HeaderNames, HttpStatus, JsonWebTokenTypes, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, PasswordGrantConstants, PersistentCacheKeys, PromptValue, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseCodes, ResponseMode, SERVER_TELEM_CONSTANTS, Separators, ServerResponseType, THE_FAMILY_ID, ThrottlingConstants };