@azure/msal-common 14.14.0 → 14.14.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +66 -66
- package/dist/account/AccountInfo.mjs +77 -77
- package/dist/account/AuthToken.d.ts +17 -17
- package/dist/account/AuthToken.mjs +58 -58
- package/dist/account/CcsCredential.d.ts +9 -9
- package/dist/account/CcsCredential.mjs +8 -8
- package/dist/account/ClientCredentials.d.ts +19 -19
- package/dist/account/ClientInfo.d.ts +18 -18
- package/dist/account/ClientInfo.mjs +37 -37
- package/dist/account/TokenClaims.d.ts +83 -83
- package/dist/account/TokenClaims.mjs +20 -20
- package/dist/authority/Authority.d.ts +254 -254
- package/dist/authority/Authority.mjs +836 -836
- package/dist/authority/AuthorityFactory.d.ts +18 -18
- package/dist/authority/AuthorityFactory.mjs +28 -28
- package/dist/authority/AuthorityMetadata.d.ts +43 -43
- package/dist/authority/AuthorityMetadata.mjs +137 -137
- package/dist/authority/AuthorityOptions.d.ts +27 -27
- package/dist/authority/AuthorityOptions.mjs +18 -18
- package/dist/authority/AuthorityType.d.ts +10 -10
- package/dist/authority/AuthorityType.mjs +13 -13
- package/dist/authority/AzureRegion.d.ts +1 -1
- package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
- package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
- package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
- package/dist/authority/ImdsOptions.d.ts +5 -5
- package/dist/authority/OIDCOptions.d.ts +8 -8
- package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
- package/dist/authority/OpenIdConfigResponse.mjs +10 -10
- package/dist/authority/ProtocolMode.d.ts +8 -8
- package/dist/authority/ProtocolMode.mjs +11 -11
- package/dist/authority/RegionDiscovery.d.ts +32 -32
- package/dist/authority/RegionDiscovery.mjs +106 -106
- package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
- package/dist/cache/CacheManager.d.ts +497 -497
- package/dist/cache/CacheManager.mjs +1249 -1249
- package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
- package/dist/cache/entities/AccountEntity.d.ts +106 -106
- package/dist/cache/entities/AccountEntity.mjs +240 -240
- package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
- package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
- package/dist/cache/entities/CacheRecord.d.ts +13 -13
- package/dist/cache/entities/CredentialEntity.d.ts +30 -30
- package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
- package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
- package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -6
- package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
- package/dist/cache/interface/ICacheManager.d.ts +166 -166
- package/dist/cache/interface/ICachePlugin.d.ts +5 -5
- package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
- package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
- package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
- package/dist/cache/utils/CacheHelpers.d.ts +94 -94
- package/dist/cache/utils/CacheHelpers.mjs +324 -324
- package/dist/cache/utils/CacheTypes.d.ts +69 -69
- package/dist/client/AuthorizationCodeClient.d.ts +74 -74
- package/dist/client/AuthorizationCodeClient.mjs +420 -420
- package/dist/client/BaseClient.d.ts +51 -51
- package/dist/client/BaseClient.mjs +100 -100
- package/dist/client/RefreshTokenClient.d.ts +35 -35
- package/dist/client/RefreshTokenClient.mjs +211 -211
- package/dist/client/SilentFlowClient.d.ts +27 -27
- package/dist/client/SilentFlowClient.mjs +133 -133
- package/dist/config/AppTokenProvider.d.ts +38 -38
- package/dist/config/ClientConfiguration.d.ts +150 -150
- package/dist/config/ClientConfiguration.mjs +95 -95
- package/dist/constants/AADServerParamKeys.d.ts +53 -53
- package/dist/constants/AADServerParamKeys.mjs +57 -57
- package/dist/crypto/ICrypto.d.ts +68 -68
- package/dist/crypto/ICrypto.mjs +36 -36
- package/dist/crypto/IGuidGenerator.d.ts +4 -4
- package/dist/crypto/JoseHeader.d.ts +22 -22
- package/dist/crypto/JoseHeader.mjs +37 -37
- package/dist/crypto/PopTokenGenerator.d.ts +59 -59
- package/dist/crypto/PopTokenGenerator.mjs +81 -81
- package/dist/crypto/SignedHttpRequest.d.ts +15 -15
- package/dist/error/AuthError.d.ts +44 -44
- package/dist/error/AuthError.mjs +46 -46
- package/dist/error/AuthErrorCodes.d.ts +5 -5
- package/dist/error/AuthErrorCodes.mjs +9 -9
- package/dist/error/CacheError.d.ts +20 -20
- package/dist/error/CacheError.mjs +24 -24
- package/dist/error/CacheErrorCodes.d.ts +2 -2
- package/dist/error/CacheErrorCodes.mjs +6 -6
- package/dist/error/ClientAuthError.d.ts +237 -237
- package/dist/error/ClientAuthError.mjs +249 -249
- package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
- package/dist/error/ClientAuthErrorCodes.mjs +48 -48
- package/dist/error/ClientConfigurationError.d.ts +128 -128
- package/dist/error/ClientConfigurationError.mjs +135 -135
- package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
- package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
- package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
- package/dist/error/InteractionRequiredAuthError.mjs +85 -85
- package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
- package/dist/error/JoseHeaderError.d.ts +15 -15
- package/dist/error/JoseHeaderError.mjs +22 -22
- package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
- package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
- package/dist/error/ServerError.d.ts +15 -15
- package/dist/error/ServerError.mjs +16 -16
- package/dist/index.cjs +8658 -8658
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +107 -107
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.d.ts +95 -95
- package/dist/logger/Logger.mjs +188 -188
- package/dist/network/INetworkModule.d.ts +29 -29
- package/dist/network/INetworkModule.mjs +12 -12
- package/dist/network/NetworkManager.d.ts +33 -33
- package/dist/network/NetworkManager.mjs +34 -34
- package/dist/network/RequestThumbprint.d.ts +18 -18
- package/dist/network/ThrottlingUtils.d.ts +42 -42
- package/dist/network/ThrottlingUtils.mjs +95 -95
- package/dist/packageMetadata.d.ts +2 -2
- package/dist/packageMetadata.mjs +4 -4
- package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
- package/dist/request/AuthenticationHeaderParser.mjs +55 -55
- package/dist/request/BaseAuthRequest.d.ts +47 -47
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
- package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
- package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
- package/dist/request/CommonEndSessionRequest.d.ts +21 -21
- package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
- package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
- package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
- package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
- package/dist/request/NativeRequest.d.ts +19 -19
- package/dist/request/NativeSignOutRequest.d.ts +5 -5
- package/dist/request/RequestParameterBuilder.d.ts +217 -217
- package/dist/request/RequestParameterBuilder.mjs +382 -382
- package/dist/request/RequestValidator.d.ts +27 -27
- package/dist/request/RequestValidator.mjs +64 -64
- package/dist/request/ScopeSet.d.ts +88 -88
- package/dist/request/ScopeSet.mjs +197 -197
- package/dist/request/StoreInCache.d.ts +8 -8
- package/dist/response/AuthenticationResult.d.ts +41 -41
- package/dist/response/AuthorizationCodePayload.d.ts +13 -13
- package/dist/response/DeviceCodeResponse.d.ts +25 -25
- package/dist/response/ExternalTokenResponse.d.ts +15 -15
- package/dist/response/IMDSBadResponse.d.ts +4 -4
- package/dist/response/ResponseHandler.d.ts +69 -69
- package/dist/response/ResponseHandler.mjs +374 -374
- package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
- package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
- package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
- package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
- package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
- package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
- package/dist/telemetry/performance/PerformanceEvent.d.ts +511 -505
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +480 -480
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
- package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -78
- package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -260
- package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
- package/dist/url/IUri.d.ts +12 -12
- package/dist/url/UrlString.d.ts +48 -48
- package/dist/url/UrlString.mjs +161 -161
- package/dist/utils/ClientAssertionUtils.d.ts +2 -2
- package/dist/utils/ClientAssertionUtils.mjs +16 -16
- package/dist/utils/Constants.d.ts +309 -309
- package/dist/utils/Constants.mjs +322 -322
- package/dist/utils/FunctionWrappers.d.ts +27 -27
- package/dist/utils/FunctionWrappers.mjs +94 -94
- package/dist/utils/MsalTypes.d.ts +6 -6
- package/dist/utils/ProtocolUtils.d.ts +42 -42
- package/dist/utils/ProtocolUtils.mjs +69 -69
- package/dist/utils/StringUtils.d.ts +40 -40
- package/dist/utils/StringUtils.mjs +95 -95
- package/dist/utils/TimeUtils.d.ts +25 -25
- package/dist/utils/TimeUtils.mjs +43 -43
- package/dist/utils/UrlUtils.d.ts +10 -10
- package/dist/utils/UrlUtils.mjs +44 -44
- package/package.json +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/performance/PerformanceEvent.ts +7 -0
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v14.14.
|
|
1
|
+
/*! @azure/msal-common v14.14.2 2024-08-28 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { Constants, ResponseMode, OIDC_DEFAULT_SCOPES, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.mjs';
|
|
4
4
|
import { RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, CLIENT_ID, REDIRECT_URI, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT } from '../constants/AADServerParamKeys.mjs';
|
|
@@ -7,387 +7,387 @@ import { createClientConfigurationError } from '../error/ClientConfigurationErro
|
|
|
7
7
|
import { RequestValidator } from './RequestValidator.mjs';
|
|
8
8
|
import { pkceParamsMissing, invalidClaims } from '../error/ClientConfigurationErrorCodes.mjs';
|
|
9
9
|
|
|
10
|
-
/*
|
|
11
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
|
-
* Licensed under the MIT License.
|
|
13
|
-
*/
|
|
14
|
-
/** @internal */
|
|
15
|
-
class RequestParameterBuilder {
|
|
16
|
-
constructor() {
|
|
17
|
-
this.parameters = new Map();
|
|
18
|
-
}
|
|
19
|
-
/**
|
|
20
|
-
* add response_type = code
|
|
21
|
-
*/
|
|
22
|
-
addResponseTypeCode() {
|
|
23
|
-
this.parameters.set(RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
|
|
24
|
-
}
|
|
25
|
-
/**
|
|
26
|
-
* add response_type = token id_token
|
|
27
|
-
*/
|
|
28
|
-
addResponseTypeForTokenAndIdToken() {
|
|
29
|
-
this.parameters.set(RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
|
|
30
|
-
}
|
|
31
|
-
/**
|
|
32
|
-
* add response_mode. defaults to query.
|
|
33
|
-
* @param responseMode
|
|
34
|
-
*/
|
|
35
|
-
addResponseMode(responseMode) {
|
|
36
|
-
this.parameters.set(RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
|
|
37
|
-
}
|
|
38
|
-
/**
|
|
39
|
-
* Add flag to indicate STS should attempt to use WAM if available
|
|
40
|
-
*/
|
|
41
|
-
addNativeBroker() {
|
|
42
|
-
this.parameters.set(NATIVE_BROKER, encodeURIComponent("1"));
|
|
43
|
-
}
|
|
44
|
-
/**
|
|
45
|
-
* add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
|
|
46
|
-
* @param scopeSet
|
|
47
|
-
* @param addOidcScopes
|
|
48
|
-
*/
|
|
49
|
-
addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
|
|
50
|
-
// Always add openid to the scopes when adding OIDC scopes
|
|
51
|
-
if (addOidcScopes &&
|
|
52
|
-
!defaultScopes.includes("openid") &&
|
|
53
|
-
!scopes.includes("openid")) {
|
|
54
|
-
defaultScopes.push("openid");
|
|
55
|
-
}
|
|
56
|
-
const requestScopes = addOidcScopes
|
|
57
|
-
? [...(scopes || []), ...defaultScopes]
|
|
58
|
-
: scopes || [];
|
|
59
|
-
const scopeSet = new ScopeSet(requestScopes);
|
|
60
|
-
this.parameters.set(SCOPE, encodeURIComponent(scopeSet.printScopes()));
|
|
61
|
-
}
|
|
62
|
-
/**
|
|
63
|
-
* add clientId
|
|
64
|
-
* @param clientId
|
|
65
|
-
*/
|
|
66
|
-
addClientId(clientId) {
|
|
67
|
-
this.parameters.set(CLIENT_ID, encodeURIComponent(clientId));
|
|
68
|
-
}
|
|
69
|
-
/**
|
|
70
|
-
* add redirect_uri
|
|
71
|
-
* @param redirectUri
|
|
72
|
-
*/
|
|
73
|
-
addRedirectUri(redirectUri) {
|
|
74
|
-
RequestValidator.validateRedirectUri(redirectUri);
|
|
75
|
-
this.parameters.set(REDIRECT_URI, encodeURIComponent(redirectUri));
|
|
76
|
-
}
|
|
77
|
-
/**
|
|
78
|
-
* add post logout redirectUri
|
|
79
|
-
* @param redirectUri
|
|
80
|
-
*/
|
|
81
|
-
addPostLogoutRedirectUri(redirectUri) {
|
|
82
|
-
RequestValidator.validateRedirectUri(redirectUri);
|
|
83
|
-
this.parameters.set(POST_LOGOUT_URI, encodeURIComponent(redirectUri));
|
|
84
|
-
}
|
|
85
|
-
/**
|
|
86
|
-
* add id_token_hint to logout request
|
|
87
|
-
* @param idTokenHint
|
|
88
|
-
*/
|
|
89
|
-
addIdTokenHint(idTokenHint) {
|
|
90
|
-
this.parameters.set(ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
|
|
91
|
-
}
|
|
92
|
-
/**
|
|
93
|
-
* add domain_hint
|
|
94
|
-
* @param domainHint
|
|
95
|
-
*/
|
|
96
|
-
addDomainHint(domainHint) {
|
|
97
|
-
this.parameters.set(DOMAIN_HINT, encodeURIComponent(domainHint));
|
|
98
|
-
}
|
|
99
|
-
/**
|
|
100
|
-
* add login_hint
|
|
101
|
-
* @param loginHint
|
|
102
|
-
*/
|
|
103
|
-
addLoginHint(loginHint) {
|
|
104
|
-
this.parameters.set(LOGIN_HINT, encodeURIComponent(loginHint));
|
|
105
|
-
}
|
|
106
|
-
/**
|
|
107
|
-
* Adds the CCS (Cache Credential Service) query parameter for login_hint
|
|
108
|
-
* @param loginHint
|
|
109
|
-
*/
|
|
110
|
-
addCcsUpn(loginHint) {
|
|
111
|
-
this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
|
|
112
|
-
}
|
|
113
|
-
/**
|
|
114
|
-
* Adds the CCS (Cache Credential Service) query parameter for account object
|
|
115
|
-
* @param loginHint
|
|
116
|
-
*/
|
|
117
|
-
addCcsOid(clientInfo) {
|
|
118
|
-
this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
|
|
119
|
-
}
|
|
120
|
-
/**
|
|
121
|
-
* add sid
|
|
122
|
-
* @param sid
|
|
123
|
-
*/
|
|
124
|
-
addSid(sid) {
|
|
125
|
-
this.parameters.set(SID, encodeURIComponent(sid));
|
|
126
|
-
}
|
|
127
|
-
/**
|
|
128
|
-
* add claims
|
|
129
|
-
* @param claims
|
|
130
|
-
*/
|
|
131
|
-
addClaims(claims, clientCapabilities) {
|
|
132
|
-
const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
|
|
133
|
-
RequestValidator.validateClaims(mergedClaims);
|
|
134
|
-
this.parameters.set(CLAIMS, encodeURIComponent(mergedClaims));
|
|
135
|
-
}
|
|
136
|
-
/**
|
|
137
|
-
* add correlationId
|
|
138
|
-
* @param correlationId
|
|
139
|
-
*/
|
|
140
|
-
addCorrelationId(correlationId) {
|
|
141
|
-
this.parameters.set(CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
|
|
142
|
-
}
|
|
143
|
-
/**
|
|
144
|
-
* add library info query params
|
|
145
|
-
* @param libraryInfo
|
|
146
|
-
*/
|
|
147
|
-
addLibraryInfo(libraryInfo) {
|
|
148
|
-
// Telemetry Info
|
|
149
|
-
this.parameters.set(X_CLIENT_SKU, libraryInfo.sku);
|
|
150
|
-
this.parameters.set(X_CLIENT_VER, libraryInfo.version);
|
|
151
|
-
if (libraryInfo.os) {
|
|
152
|
-
this.parameters.set(X_CLIENT_OS, libraryInfo.os);
|
|
153
|
-
}
|
|
154
|
-
if (libraryInfo.cpu) {
|
|
155
|
-
this.parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
|
|
156
|
-
}
|
|
157
|
-
}
|
|
158
|
-
/**
|
|
159
|
-
* Add client telemetry parameters
|
|
160
|
-
* @param appTelemetry
|
|
161
|
-
*/
|
|
162
|
-
addApplicationTelemetry(appTelemetry) {
|
|
163
|
-
if (appTelemetry?.appName) {
|
|
164
|
-
this.parameters.set(X_APP_NAME, appTelemetry.appName);
|
|
165
|
-
}
|
|
166
|
-
if (appTelemetry?.appVersion) {
|
|
167
|
-
this.parameters.set(X_APP_VER, appTelemetry.appVersion);
|
|
168
|
-
}
|
|
169
|
-
}
|
|
170
|
-
/**
|
|
171
|
-
* add prompt
|
|
172
|
-
* @param prompt
|
|
173
|
-
*/
|
|
174
|
-
addPrompt(prompt) {
|
|
175
|
-
RequestValidator.validatePrompt(prompt);
|
|
176
|
-
this.parameters.set(`${PROMPT}`, encodeURIComponent(prompt));
|
|
177
|
-
}
|
|
178
|
-
/**
|
|
179
|
-
* add state
|
|
180
|
-
* @param state
|
|
181
|
-
*/
|
|
182
|
-
addState(state) {
|
|
183
|
-
if (state) {
|
|
184
|
-
this.parameters.set(STATE, encodeURIComponent(state));
|
|
185
|
-
}
|
|
186
|
-
}
|
|
187
|
-
/**
|
|
188
|
-
* add nonce
|
|
189
|
-
* @param nonce
|
|
190
|
-
*/
|
|
191
|
-
addNonce(nonce) {
|
|
192
|
-
this.parameters.set(NONCE, encodeURIComponent(nonce));
|
|
193
|
-
}
|
|
194
|
-
/**
|
|
195
|
-
* add code_challenge and code_challenge_method
|
|
196
|
-
* - throw if either of them are not passed
|
|
197
|
-
* @param codeChallenge
|
|
198
|
-
* @param codeChallengeMethod
|
|
199
|
-
*/
|
|
200
|
-
addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
|
|
201
|
-
RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
|
|
202
|
-
if (codeChallenge && codeChallengeMethod) {
|
|
203
|
-
this.parameters.set(CODE_CHALLENGE, encodeURIComponent(codeChallenge));
|
|
204
|
-
this.parameters.set(CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
|
|
205
|
-
}
|
|
206
|
-
else {
|
|
207
|
-
throw createClientConfigurationError(pkceParamsMissing);
|
|
208
|
-
}
|
|
209
|
-
}
|
|
210
|
-
/**
|
|
211
|
-
* add the `authorization_code` passed by the user to exchange for a token
|
|
212
|
-
* @param code
|
|
213
|
-
*/
|
|
214
|
-
addAuthorizationCode(code) {
|
|
215
|
-
this.parameters.set(CODE, encodeURIComponent(code));
|
|
216
|
-
}
|
|
217
|
-
/**
|
|
218
|
-
* add the `authorization_code` passed by the user to exchange for a token
|
|
219
|
-
* @param code
|
|
220
|
-
*/
|
|
221
|
-
addDeviceCode(code) {
|
|
222
|
-
this.parameters.set(DEVICE_CODE, encodeURIComponent(code));
|
|
223
|
-
}
|
|
224
|
-
/**
|
|
225
|
-
* add the `refreshToken` passed by the user
|
|
226
|
-
* @param refreshToken
|
|
227
|
-
*/
|
|
228
|
-
addRefreshToken(refreshToken) {
|
|
229
|
-
this.parameters.set(REFRESH_TOKEN, encodeURIComponent(refreshToken));
|
|
230
|
-
}
|
|
231
|
-
/**
|
|
232
|
-
* add the `code_verifier` passed by the user to exchange for a token
|
|
233
|
-
* @param codeVerifier
|
|
234
|
-
*/
|
|
235
|
-
addCodeVerifier(codeVerifier) {
|
|
236
|
-
this.parameters.set(CODE_VERIFIER, encodeURIComponent(codeVerifier));
|
|
237
|
-
}
|
|
238
|
-
/**
|
|
239
|
-
* add client_secret
|
|
240
|
-
* @param clientSecret
|
|
241
|
-
*/
|
|
242
|
-
addClientSecret(clientSecret) {
|
|
243
|
-
this.parameters.set(CLIENT_SECRET, encodeURIComponent(clientSecret));
|
|
244
|
-
}
|
|
245
|
-
/**
|
|
246
|
-
* add clientAssertion for confidential client flows
|
|
247
|
-
* @param clientAssertion
|
|
248
|
-
*/
|
|
249
|
-
addClientAssertion(clientAssertion) {
|
|
250
|
-
if (clientAssertion) {
|
|
251
|
-
this.parameters.set(CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
|
|
252
|
-
}
|
|
253
|
-
}
|
|
254
|
-
/**
|
|
255
|
-
* add clientAssertionType for confidential client flows
|
|
256
|
-
* @param clientAssertionType
|
|
257
|
-
*/
|
|
258
|
-
addClientAssertionType(clientAssertionType) {
|
|
259
|
-
if (clientAssertionType) {
|
|
260
|
-
this.parameters.set(CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
|
|
261
|
-
}
|
|
262
|
-
}
|
|
263
|
-
/**
|
|
264
|
-
* add OBO assertion for confidential client flows
|
|
265
|
-
* @param clientAssertion
|
|
266
|
-
*/
|
|
267
|
-
addOboAssertion(oboAssertion) {
|
|
268
|
-
this.parameters.set(OBO_ASSERTION, encodeURIComponent(oboAssertion));
|
|
269
|
-
}
|
|
270
|
-
/**
|
|
271
|
-
* add grant type
|
|
272
|
-
* @param grantType
|
|
273
|
-
*/
|
|
274
|
-
addRequestTokenUse(tokenUse) {
|
|
275
|
-
this.parameters.set(REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
|
|
276
|
-
}
|
|
277
|
-
/**
|
|
278
|
-
* add grant type
|
|
279
|
-
* @param grantType
|
|
280
|
-
*/
|
|
281
|
-
addGrantType(grantType) {
|
|
282
|
-
this.parameters.set(GRANT_TYPE, encodeURIComponent(grantType));
|
|
283
|
-
}
|
|
284
|
-
/**
|
|
285
|
-
* add client info
|
|
286
|
-
*
|
|
287
|
-
*/
|
|
288
|
-
addClientInfo() {
|
|
289
|
-
this.parameters.set(CLIENT_INFO, "1");
|
|
290
|
-
}
|
|
291
|
-
/**
|
|
292
|
-
* add extraQueryParams
|
|
293
|
-
* @param eQParams
|
|
294
|
-
*/
|
|
295
|
-
addExtraQueryParameters(eQParams) {
|
|
296
|
-
Object.entries(eQParams).forEach(([key, value]) => {
|
|
297
|
-
if (!this.parameters.has(key) && value) {
|
|
298
|
-
this.parameters.set(key, value);
|
|
299
|
-
}
|
|
300
|
-
});
|
|
301
|
-
}
|
|
302
|
-
addClientCapabilitiesToClaims(claims, clientCapabilities) {
|
|
303
|
-
let mergedClaims;
|
|
304
|
-
// Parse provided claims into JSON object or initialize empty object
|
|
305
|
-
if (!claims) {
|
|
306
|
-
mergedClaims = {};
|
|
307
|
-
}
|
|
308
|
-
else {
|
|
309
|
-
try {
|
|
310
|
-
mergedClaims = JSON.parse(claims);
|
|
311
|
-
}
|
|
312
|
-
catch (e) {
|
|
313
|
-
throw createClientConfigurationError(invalidClaims);
|
|
314
|
-
}
|
|
315
|
-
}
|
|
316
|
-
if (clientCapabilities && clientCapabilities.length > 0) {
|
|
317
|
-
if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
|
|
318
|
-
// Add access_token key to claims object
|
|
319
|
-
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
|
|
320
|
-
}
|
|
321
|
-
// Add xms_cc claim with provided clientCapabilities to access_token key
|
|
322
|
-
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
|
|
323
|
-
values: clientCapabilities,
|
|
324
|
-
};
|
|
325
|
-
}
|
|
326
|
-
return JSON.stringify(mergedClaims);
|
|
327
|
-
}
|
|
328
|
-
/**
|
|
329
|
-
* adds `username` for Password Grant flow
|
|
330
|
-
* @param username
|
|
331
|
-
*/
|
|
332
|
-
addUsername(username) {
|
|
333
|
-
this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
|
|
334
|
-
}
|
|
335
|
-
/**
|
|
336
|
-
* adds `password` for Password Grant flow
|
|
337
|
-
* @param password
|
|
338
|
-
*/
|
|
339
|
-
addPassword(password) {
|
|
340
|
-
this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
|
|
341
|
-
}
|
|
342
|
-
/**
|
|
343
|
-
* add pop_jwk to query params
|
|
344
|
-
* @param cnfString
|
|
345
|
-
*/
|
|
346
|
-
addPopToken(cnfString) {
|
|
347
|
-
if (cnfString) {
|
|
348
|
-
this.parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
|
|
349
|
-
this.parameters.set(REQ_CNF, encodeURIComponent(cnfString));
|
|
350
|
-
}
|
|
351
|
-
}
|
|
352
|
-
/**
|
|
353
|
-
* add SSH JWK and key ID to query params
|
|
354
|
-
*/
|
|
355
|
-
addSshJwk(sshJwkString) {
|
|
356
|
-
if (sshJwkString) {
|
|
357
|
-
this.parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
|
|
358
|
-
this.parameters.set(REQ_CNF, encodeURIComponent(sshJwkString));
|
|
359
|
-
}
|
|
360
|
-
}
|
|
361
|
-
/**
|
|
362
|
-
* add server telemetry fields
|
|
363
|
-
* @param serverTelemetryManager
|
|
364
|
-
*/
|
|
365
|
-
addServerTelemetry(serverTelemetryManager) {
|
|
366
|
-
this.parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
|
|
367
|
-
this.parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
|
|
368
|
-
}
|
|
369
|
-
/**
|
|
370
|
-
* Adds parameter that indicates to the server that throttling is supported
|
|
371
|
-
*/
|
|
372
|
-
addThrottling() {
|
|
373
|
-
this.parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
|
|
374
|
-
}
|
|
375
|
-
/**
|
|
376
|
-
* Adds logout_hint parameter for "silent" logout which prevent server account picker
|
|
377
|
-
*/
|
|
378
|
-
addLogoutHint(logoutHint) {
|
|
379
|
-
this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
|
|
380
|
-
}
|
|
381
|
-
/**
|
|
382
|
-
* Utility to create a URL from the params map
|
|
383
|
-
*/
|
|
384
|
-
createQueryString() {
|
|
385
|
-
const queryParameterArray = new Array();
|
|
386
|
-
this.parameters.forEach((value, key) => {
|
|
387
|
-
queryParameterArray.push(`${key}=${value}`);
|
|
388
|
-
});
|
|
389
|
-
return queryParameterArray.join("&");
|
|
390
|
-
}
|
|
10
|
+
/*
|
|
11
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
|
+
* Licensed under the MIT License.
|
|
13
|
+
*/
|
|
14
|
+
/** @internal */
|
|
15
|
+
class RequestParameterBuilder {
|
|
16
|
+
constructor() {
|
|
17
|
+
this.parameters = new Map();
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* add response_type = code
|
|
21
|
+
*/
|
|
22
|
+
addResponseTypeCode() {
|
|
23
|
+
this.parameters.set(RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* add response_type = token id_token
|
|
27
|
+
*/
|
|
28
|
+
addResponseTypeForTokenAndIdToken() {
|
|
29
|
+
this.parameters.set(RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* add response_mode. defaults to query.
|
|
33
|
+
* @param responseMode
|
|
34
|
+
*/
|
|
35
|
+
addResponseMode(responseMode) {
|
|
36
|
+
this.parameters.set(RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Add flag to indicate STS should attempt to use WAM if available
|
|
40
|
+
*/
|
|
41
|
+
addNativeBroker() {
|
|
42
|
+
this.parameters.set(NATIVE_BROKER, encodeURIComponent("1"));
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
|
|
46
|
+
* @param scopeSet
|
|
47
|
+
* @param addOidcScopes
|
|
48
|
+
*/
|
|
49
|
+
addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
|
|
50
|
+
// Always add openid to the scopes when adding OIDC scopes
|
|
51
|
+
if (addOidcScopes &&
|
|
52
|
+
!defaultScopes.includes("openid") &&
|
|
53
|
+
!scopes.includes("openid")) {
|
|
54
|
+
defaultScopes.push("openid");
|
|
55
|
+
}
|
|
56
|
+
const requestScopes = addOidcScopes
|
|
57
|
+
? [...(scopes || []), ...defaultScopes]
|
|
58
|
+
: scopes || [];
|
|
59
|
+
const scopeSet = new ScopeSet(requestScopes);
|
|
60
|
+
this.parameters.set(SCOPE, encodeURIComponent(scopeSet.printScopes()));
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* add clientId
|
|
64
|
+
* @param clientId
|
|
65
|
+
*/
|
|
66
|
+
addClientId(clientId) {
|
|
67
|
+
this.parameters.set(CLIENT_ID, encodeURIComponent(clientId));
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* add redirect_uri
|
|
71
|
+
* @param redirectUri
|
|
72
|
+
*/
|
|
73
|
+
addRedirectUri(redirectUri) {
|
|
74
|
+
RequestValidator.validateRedirectUri(redirectUri);
|
|
75
|
+
this.parameters.set(REDIRECT_URI, encodeURIComponent(redirectUri));
|
|
76
|
+
}
|
|
77
|
+
/**
|
|
78
|
+
* add post logout redirectUri
|
|
79
|
+
* @param redirectUri
|
|
80
|
+
*/
|
|
81
|
+
addPostLogoutRedirectUri(redirectUri) {
|
|
82
|
+
RequestValidator.validateRedirectUri(redirectUri);
|
|
83
|
+
this.parameters.set(POST_LOGOUT_URI, encodeURIComponent(redirectUri));
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* add id_token_hint to logout request
|
|
87
|
+
* @param idTokenHint
|
|
88
|
+
*/
|
|
89
|
+
addIdTokenHint(idTokenHint) {
|
|
90
|
+
this.parameters.set(ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
|
|
91
|
+
}
|
|
92
|
+
/**
|
|
93
|
+
* add domain_hint
|
|
94
|
+
* @param domainHint
|
|
95
|
+
*/
|
|
96
|
+
addDomainHint(domainHint) {
|
|
97
|
+
this.parameters.set(DOMAIN_HINT, encodeURIComponent(domainHint));
|
|
98
|
+
}
|
|
99
|
+
/**
|
|
100
|
+
* add login_hint
|
|
101
|
+
* @param loginHint
|
|
102
|
+
*/
|
|
103
|
+
addLoginHint(loginHint) {
|
|
104
|
+
this.parameters.set(LOGIN_HINT, encodeURIComponent(loginHint));
|
|
105
|
+
}
|
|
106
|
+
/**
|
|
107
|
+
* Adds the CCS (Cache Credential Service) query parameter for login_hint
|
|
108
|
+
* @param loginHint
|
|
109
|
+
*/
|
|
110
|
+
addCcsUpn(loginHint) {
|
|
111
|
+
this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
|
|
112
|
+
}
|
|
113
|
+
/**
|
|
114
|
+
* Adds the CCS (Cache Credential Service) query parameter for account object
|
|
115
|
+
* @param loginHint
|
|
116
|
+
*/
|
|
117
|
+
addCcsOid(clientInfo) {
|
|
118
|
+
this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
|
|
119
|
+
}
|
|
120
|
+
/**
|
|
121
|
+
* add sid
|
|
122
|
+
* @param sid
|
|
123
|
+
*/
|
|
124
|
+
addSid(sid) {
|
|
125
|
+
this.parameters.set(SID, encodeURIComponent(sid));
|
|
126
|
+
}
|
|
127
|
+
/**
|
|
128
|
+
* add claims
|
|
129
|
+
* @param claims
|
|
130
|
+
*/
|
|
131
|
+
addClaims(claims, clientCapabilities) {
|
|
132
|
+
const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
|
|
133
|
+
RequestValidator.validateClaims(mergedClaims);
|
|
134
|
+
this.parameters.set(CLAIMS, encodeURIComponent(mergedClaims));
|
|
135
|
+
}
|
|
136
|
+
/**
|
|
137
|
+
* add correlationId
|
|
138
|
+
* @param correlationId
|
|
139
|
+
*/
|
|
140
|
+
addCorrelationId(correlationId) {
|
|
141
|
+
this.parameters.set(CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
|
|
142
|
+
}
|
|
143
|
+
/**
|
|
144
|
+
* add library info query params
|
|
145
|
+
* @param libraryInfo
|
|
146
|
+
*/
|
|
147
|
+
addLibraryInfo(libraryInfo) {
|
|
148
|
+
// Telemetry Info
|
|
149
|
+
this.parameters.set(X_CLIENT_SKU, libraryInfo.sku);
|
|
150
|
+
this.parameters.set(X_CLIENT_VER, libraryInfo.version);
|
|
151
|
+
if (libraryInfo.os) {
|
|
152
|
+
this.parameters.set(X_CLIENT_OS, libraryInfo.os);
|
|
153
|
+
}
|
|
154
|
+
if (libraryInfo.cpu) {
|
|
155
|
+
this.parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
/**
|
|
159
|
+
* Add client telemetry parameters
|
|
160
|
+
* @param appTelemetry
|
|
161
|
+
*/
|
|
162
|
+
addApplicationTelemetry(appTelemetry) {
|
|
163
|
+
if (appTelemetry?.appName) {
|
|
164
|
+
this.parameters.set(X_APP_NAME, appTelemetry.appName);
|
|
165
|
+
}
|
|
166
|
+
if (appTelemetry?.appVersion) {
|
|
167
|
+
this.parameters.set(X_APP_VER, appTelemetry.appVersion);
|
|
168
|
+
}
|
|
169
|
+
}
|
|
170
|
+
/**
|
|
171
|
+
* add prompt
|
|
172
|
+
* @param prompt
|
|
173
|
+
*/
|
|
174
|
+
addPrompt(prompt) {
|
|
175
|
+
RequestValidator.validatePrompt(prompt);
|
|
176
|
+
this.parameters.set(`${PROMPT}`, encodeURIComponent(prompt));
|
|
177
|
+
}
|
|
178
|
+
/**
|
|
179
|
+
* add state
|
|
180
|
+
* @param state
|
|
181
|
+
*/
|
|
182
|
+
addState(state) {
|
|
183
|
+
if (state) {
|
|
184
|
+
this.parameters.set(STATE, encodeURIComponent(state));
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
/**
|
|
188
|
+
* add nonce
|
|
189
|
+
* @param nonce
|
|
190
|
+
*/
|
|
191
|
+
addNonce(nonce) {
|
|
192
|
+
this.parameters.set(NONCE, encodeURIComponent(nonce));
|
|
193
|
+
}
|
|
194
|
+
/**
|
|
195
|
+
* add code_challenge and code_challenge_method
|
|
196
|
+
* - throw if either of them are not passed
|
|
197
|
+
* @param codeChallenge
|
|
198
|
+
* @param codeChallengeMethod
|
|
199
|
+
*/
|
|
200
|
+
addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
|
|
201
|
+
RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
|
|
202
|
+
if (codeChallenge && codeChallengeMethod) {
|
|
203
|
+
this.parameters.set(CODE_CHALLENGE, encodeURIComponent(codeChallenge));
|
|
204
|
+
this.parameters.set(CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
|
|
205
|
+
}
|
|
206
|
+
else {
|
|
207
|
+
throw createClientConfigurationError(pkceParamsMissing);
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
/**
|
|
211
|
+
* add the `authorization_code` passed by the user to exchange for a token
|
|
212
|
+
* @param code
|
|
213
|
+
*/
|
|
214
|
+
addAuthorizationCode(code) {
|
|
215
|
+
this.parameters.set(CODE, encodeURIComponent(code));
|
|
216
|
+
}
|
|
217
|
+
/**
|
|
218
|
+
* add the `authorization_code` passed by the user to exchange for a token
|
|
219
|
+
* @param code
|
|
220
|
+
*/
|
|
221
|
+
addDeviceCode(code) {
|
|
222
|
+
this.parameters.set(DEVICE_CODE, encodeURIComponent(code));
|
|
223
|
+
}
|
|
224
|
+
/**
|
|
225
|
+
* add the `refreshToken` passed by the user
|
|
226
|
+
* @param refreshToken
|
|
227
|
+
*/
|
|
228
|
+
addRefreshToken(refreshToken) {
|
|
229
|
+
this.parameters.set(REFRESH_TOKEN, encodeURIComponent(refreshToken));
|
|
230
|
+
}
|
|
231
|
+
/**
|
|
232
|
+
* add the `code_verifier` passed by the user to exchange for a token
|
|
233
|
+
* @param codeVerifier
|
|
234
|
+
*/
|
|
235
|
+
addCodeVerifier(codeVerifier) {
|
|
236
|
+
this.parameters.set(CODE_VERIFIER, encodeURIComponent(codeVerifier));
|
|
237
|
+
}
|
|
238
|
+
/**
|
|
239
|
+
* add client_secret
|
|
240
|
+
* @param clientSecret
|
|
241
|
+
*/
|
|
242
|
+
addClientSecret(clientSecret) {
|
|
243
|
+
this.parameters.set(CLIENT_SECRET, encodeURIComponent(clientSecret));
|
|
244
|
+
}
|
|
245
|
+
/**
|
|
246
|
+
* add clientAssertion for confidential client flows
|
|
247
|
+
* @param clientAssertion
|
|
248
|
+
*/
|
|
249
|
+
addClientAssertion(clientAssertion) {
|
|
250
|
+
if (clientAssertion) {
|
|
251
|
+
this.parameters.set(CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
|
|
252
|
+
}
|
|
253
|
+
}
|
|
254
|
+
/**
|
|
255
|
+
* add clientAssertionType for confidential client flows
|
|
256
|
+
* @param clientAssertionType
|
|
257
|
+
*/
|
|
258
|
+
addClientAssertionType(clientAssertionType) {
|
|
259
|
+
if (clientAssertionType) {
|
|
260
|
+
this.parameters.set(CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
|
|
261
|
+
}
|
|
262
|
+
}
|
|
263
|
+
/**
|
|
264
|
+
* add OBO assertion for confidential client flows
|
|
265
|
+
* @param clientAssertion
|
|
266
|
+
*/
|
|
267
|
+
addOboAssertion(oboAssertion) {
|
|
268
|
+
this.parameters.set(OBO_ASSERTION, encodeURIComponent(oboAssertion));
|
|
269
|
+
}
|
|
270
|
+
/**
|
|
271
|
+
* add grant type
|
|
272
|
+
* @param grantType
|
|
273
|
+
*/
|
|
274
|
+
addRequestTokenUse(tokenUse) {
|
|
275
|
+
this.parameters.set(REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
|
|
276
|
+
}
|
|
277
|
+
/**
|
|
278
|
+
* add grant type
|
|
279
|
+
* @param grantType
|
|
280
|
+
*/
|
|
281
|
+
addGrantType(grantType) {
|
|
282
|
+
this.parameters.set(GRANT_TYPE, encodeURIComponent(grantType));
|
|
283
|
+
}
|
|
284
|
+
/**
|
|
285
|
+
* add client info
|
|
286
|
+
*
|
|
287
|
+
*/
|
|
288
|
+
addClientInfo() {
|
|
289
|
+
this.parameters.set(CLIENT_INFO, "1");
|
|
290
|
+
}
|
|
291
|
+
/**
|
|
292
|
+
* add extraQueryParams
|
|
293
|
+
* @param eQParams
|
|
294
|
+
*/
|
|
295
|
+
addExtraQueryParameters(eQParams) {
|
|
296
|
+
Object.entries(eQParams).forEach(([key, value]) => {
|
|
297
|
+
if (!this.parameters.has(key) && value) {
|
|
298
|
+
this.parameters.set(key, value);
|
|
299
|
+
}
|
|
300
|
+
});
|
|
301
|
+
}
|
|
302
|
+
addClientCapabilitiesToClaims(claims, clientCapabilities) {
|
|
303
|
+
let mergedClaims;
|
|
304
|
+
// Parse provided claims into JSON object or initialize empty object
|
|
305
|
+
if (!claims) {
|
|
306
|
+
mergedClaims = {};
|
|
307
|
+
}
|
|
308
|
+
else {
|
|
309
|
+
try {
|
|
310
|
+
mergedClaims = JSON.parse(claims);
|
|
311
|
+
}
|
|
312
|
+
catch (e) {
|
|
313
|
+
throw createClientConfigurationError(invalidClaims);
|
|
314
|
+
}
|
|
315
|
+
}
|
|
316
|
+
if (clientCapabilities && clientCapabilities.length > 0) {
|
|
317
|
+
if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
|
|
318
|
+
// Add access_token key to claims object
|
|
319
|
+
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
|
|
320
|
+
}
|
|
321
|
+
// Add xms_cc claim with provided clientCapabilities to access_token key
|
|
322
|
+
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
|
|
323
|
+
values: clientCapabilities,
|
|
324
|
+
};
|
|
325
|
+
}
|
|
326
|
+
return JSON.stringify(mergedClaims);
|
|
327
|
+
}
|
|
328
|
+
/**
|
|
329
|
+
* adds `username` for Password Grant flow
|
|
330
|
+
* @param username
|
|
331
|
+
*/
|
|
332
|
+
addUsername(username) {
|
|
333
|
+
this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
|
|
334
|
+
}
|
|
335
|
+
/**
|
|
336
|
+
* adds `password` for Password Grant flow
|
|
337
|
+
* @param password
|
|
338
|
+
*/
|
|
339
|
+
addPassword(password) {
|
|
340
|
+
this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
|
|
341
|
+
}
|
|
342
|
+
/**
|
|
343
|
+
* add pop_jwk to query params
|
|
344
|
+
* @param cnfString
|
|
345
|
+
*/
|
|
346
|
+
addPopToken(cnfString) {
|
|
347
|
+
if (cnfString) {
|
|
348
|
+
this.parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
|
|
349
|
+
this.parameters.set(REQ_CNF, encodeURIComponent(cnfString));
|
|
350
|
+
}
|
|
351
|
+
}
|
|
352
|
+
/**
|
|
353
|
+
* add SSH JWK and key ID to query params
|
|
354
|
+
*/
|
|
355
|
+
addSshJwk(sshJwkString) {
|
|
356
|
+
if (sshJwkString) {
|
|
357
|
+
this.parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
|
|
358
|
+
this.parameters.set(REQ_CNF, encodeURIComponent(sshJwkString));
|
|
359
|
+
}
|
|
360
|
+
}
|
|
361
|
+
/**
|
|
362
|
+
* add server telemetry fields
|
|
363
|
+
* @param serverTelemetryManager
|
|
364
|
+
*/
|
|
365
|
+
addServerTelemetry(serverTelemetryManager) {
|
|
366
|
+
this.parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
|
|
367
|
+
this.parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
|
|
368
|
+
}
|
|
369
|
+
/**
|
|
370
|
+
* Adds parameter that indicates to the server that throttling is supported
|
|
371
|
+
*/
|
|
372
|
+
addThrottling() {
|
|
373
|
+
this.parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
|
|
374
|
+
}
|
|
375
|
+
/**
|
|
376
|
+
* Adds logout_hint parameter for "silent" logout which prevent server account picker
|
|
377
|
+
*/
|
|
378
|
+
addLogoutHint(logoutHint) {
|
|
379
|
+
this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
|
|
380
|
+
}
|
|
381
|
+
/**
|
|
382
|
+
* Utility to create a URL from the params map
|
|
383
|
+
*/
|
|
384
|
+
createQueryString() {
|
|
385
|
+
const queryParameterArray = new Array();
|
|
386
|
+
this.parameters.forEach((value, key) => {
|
|
387
|
+
queryParameterArray.push(`${key}=${value}`);
|
|
388
|
+
});
|
|
389
|
+
return queryParameterArray.join("&");
|
|
390
|
+
}
|
|
391
391
|
}
|
|
392
392
|
|
|
393
393
|
export { RequestParameterBuilder };
|