@azure/msal-common 14.14.0 → 14.14.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (185) hide show
  1. package/dist/account/AccountInfo.d.ts +66 -66
  2. package/dist/account/AccountInfo.mjs +77 -77
  3. package/dist/account/AuthToken.d.ts +17 -17
  4. package/dist/account/AuthToken.mjs +58 -58
  5. package/dist/account/CcsCredential.d.ts +9 -9
  6. package/dist/account/CcsCredential.mjs +8 -8
  7. package/dist/account/ClientCredentials.d.ts +19 -19
  8. package/dist/account/ClientInfo.d.ts +18 -18
  9. package/dist/account/ClientInfo.mjs +37 -37
  10. package/dist/account/TokenClaims.d.ts +83 -83
  11. package/dist/account/TokenClaims.mjs +20 -20
  12. package/dist/authority/Authority.d.ts +254 -254
  13. package/dist/authority/Authority.mjs +836 -836
  14. package/dist/authority/AuthorityFactory.d.ts +18 -18
  15. package/dist/authority/AuthorityFactory.mjs +28 -28
  16. package/dist/authority/AuthorityMetadata.d.ts +43 -43
  17. package/dist/authority/AuthorityMetadata.mjs +137 -137
  18. package/dist/authority/AuthorityOptions.d.ts +27 -27
  19. package/dist/authority/AuthorityOptions.mjs +18 -18
  20. package/dist/authority/AuthorityType.d.ts +10 -10
  21. package/dist/authority/AuthorityType.mjs +13 -13
  22. package/dist/authority/AzureRegion.d.ts +1 -1
  23. package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
  24. package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
  25. package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
  26. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
  27. package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
  28. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
  29. package/dist/authority/ImdsOptions.d.ts +5 -5
  30. package/dist/authority/OIDCOptions.d.ts +8 -8
  31. package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
  32. package/dist/authority/OpenIdConfigResponse.mjs +10 -10
  33. package/dist/authority/ProtocolMode.d.ts +8 -8
  34. package/dist/authority/ProtocolMode.mjs +11 -11
  35. package/dist/authority/RegionDiscovery.d.ts +32 -32
  36. package/dist/authority/RegionDiscovery.mjs +106 -106
  37. package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
  38. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
  39. package/dist/cache/CacheManager.d.ts +497 -497
  40. package/dist/cache/CacheManager.mjs +1249 -1249
  41. package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
  42. package/dist/cache/entities/AccountEntity.d.ts +106 -106
  43. package/dist/cache/entities/AccountEntity.mjs +240 -240
  44. package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
  45. package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
  46. package/dist/cache/entities/CacheRecord.d.ts +13 -13
  47. package/dist/cache/entities/CredentialEntity.d.ts +30 -30
  48. package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
  49. package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
  50. package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -6
  51. package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
  52. package/dist/cache/interface/ICacheManager.d.ts +166 -166
  53. package/dist/cache/interface/ICachePlugin.d.ts +5 -5
  54. package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
  55. package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
  56. package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
  57. package/dist/cache/utils/CacheHelpers.d.ts +94 -94
  58. package/dist/cache/utils/CacheHelpers.mjs +324 -324
  59. package/dist/cache/utils/CacheTypes.d.ts +69 -69
  60. package/dist/client/AuthorizationCodeClient.d.ts +74 -74
  61. package/dist/client/AuthorizationCodeClient.mjs +420 -420
  62. package/dist/client/BaseClient.d.ts +51 -51
  63. package/dist/client/BaseClient.mjs +100 -100
  64. package/dist/client/RefreshTokenClient.d.ts +35 -35
  65. package/dist/client/RefreshTokenClient.mjs +211 -211
  66. package/dist/client/SilentFlowClient.d.ts +27 -27
  67. package/dist/client/SilentFlowClient.mjs +133 -133
  68. package/dist/config/AppTokenProvider.d.ts +38 -38
  69. package/dist/config/ClientConfiguration.d.ts +150 -150
  70. package/dist/config/ClientConfiguration.mjs +95 -95
  71. package/dist/constants/AADServerParamKeys.d.ts +53 -53
  72. package/dist/constants/AADServerParamKeys.mjs +57 -57
  73. package/dist/crypto/ICrypto.d.ts +68 -68
  74. package/dist/crypto/ICrypto.mjs +36 -36
  75. package/dist/crypto/IGuidGenerator.d.ts +4 -4
  76. package/dist/crypto/JoseHeader.d.ts +22 -22
  77. package/dist/crypto/JoseHeader.mjs +37 -37
  78. package/dist/crypto/PopTokenGenerator.d.ts +59 -59
  79. package/dist/crypto/PopTokenGenerator.mjs +81 -81
  80. package/dist/crypto/SignedHttpRequest.d.ts +15 -15
  81. package/dist/error/AuthError.d.ts +44 -44
  82. package/dist/error/AuthError.mjs +46 -46
  83. package/dist/error/AuthErrorCodes.d.ts +5 -5
  84. package/dist/error/AuthErrorCodes.mjs +9 -9
  85. package/dist/error/CacheError.d.ts +20 -20
  86. package/dist/error/CacheError.mjs +24 -24
  87. package/dist/error/CacheErrorCodes.d.ts +2 -2
  88. package/dist/error/CacheErrorCodes.mjs +6 -6
  89. package/dist/error/ClientAuthError.d.ts +237 -237
  90. package/dist/error/ClientAuthError.mjs +249 -249
  91. package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
  92. package/dist/error/ClientAuthErrorCodes.mjs +48 -48
  93. package/dist/error/ClientConfigurationError.d.ts +128 -128
  94. package/dist/error/ClientConfigurationError.mjs +135 -135
  95. package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
  96. package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
  97. package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
  98. package/dist/error/InteractionRequiredAuthError.mjs +85 -85
  99. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
  100. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
  101. package/dist/error/JoseHeaderError.d.ts +15 -15
  102. package/dist/error/JoseHeaderError.mjs +22 -22
  103. package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
  104. package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
  105. package/dist/error/ServerError.d.ts +15 -15
  106. package/dist/error/ServerError.mjs +16 -16
  107. package/dist/index.cjs +8658 -8658
  108. package/dist/index.cjs.map +1 -1
  109. package/dist/index.d.ts +107 -107
  110. package/dist/index.mjs +1 -1
  111. package/dist/logger/Logger.d.ts +95 -95
  112. package/dist/logger/Logger.mjs +188 -188
  113. package/dist/network/INetworkModule.d.ts +29 -29
  114. package/dist/network/INetworkModule.mjs +12 -12
  115. package/dist/network/NetworkManager.d.ts +33 -33
  116. package/dist/network/NetworkManager.mjs +34 -34
  117. package/dist/network/RequestThumbprint.d.ts +18 -18
  118. package/dist/network/ThrottlingUtils.d.ts +42 -42
  119. package/dist/network/ThrottlingUtils.mjs +95 -95
  120. package/dist/packageMetadata.d.ts +2 -2
  121. package/dist/packageMetadata.mjs +4 -4
  122. package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
  123. package/dist/request/AuthenticationHeaderParser.mjs +55 -55
  124. package/dist/request/BaseAuthRequest.d.ts +47 -47
  125. package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
  126. package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
  127. package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
  128. package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
  129. package/dist/request/CommonEndSessionRequest.d.ts +21 -21
  130. package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
  131. package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
  132. package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
  133. package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
  134. package/dist/request/NativeRequest.d.ts +19 -19
  135. package/dist/request/NativeSignOutRequest.d.ts +5 -5
  136. package/dist/request/RequestParameterBuilder.d.ts +217 -217
  137. package/dist/request/RequestParameterBuilder.mjs +382 -382
  138. package/dist/request/RequestValidator.d.ts +27 -27
  139. package/dist/request/RequestValidator.mjs +64 -64
  140. package/dist/request/ScopeSet.d.ts +88 -88
  141. package/dist/request/ScopeSet.mjs +197 -197
  142. package/dist/request/StoreInCache.d.ts +8 -8
  143. package/dist/response/AuthenticationResult.d.ts +41 -41
  144. package/dist/response/AuthorizationCodePayload.d.ts +13 -13
  145. package/dist/response/DeviceCodeResponse.d.ts +25 -25
  146. package/dist/response/ExternalTokenResponse.d.ts +15 -15
  147. package/dist/response/IMDSBadResponse.d.ts +4 -4
  148. package/dist/response/ResponseHandler.d.ts +69 -69
  149. package/dist/response/ResponseHandler.mjs +374 -374
  150. package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
  151. package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
  152. package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
  153. package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
  154. package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
  155. package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
  156. package/dist/telemetry/performance/PerformanceEvent.d.ts +511 -505
  157. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  158. package/dist/telemetry/performance/PerformanceEvent.mjs +480 -480
  159. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  160. package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
  161. package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
  162. package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -78
  163. package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -260
  164. package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
  165. package/dist/url/IUri.d.ts +12 -12
  166. package/dist/url/UrlString.d.ts +48 -48
  167. package/dist/url/UrlString.mjs +161 -161
  168. package/dist/utils/ClientAssertionUtils.d.ts +2 -2
  169. package/dist/utils/ClientAssertionUtils.mjs +16 -16
  170. package/dist/utils/Constants.d.ts +309 -309
  171. package/dist/utils/Constants.mjs +322 -322
  172. package/dist/utils/FunctionWrappers.d.ts +27 -27
  173. package/dist/utils/FunctionWrappers.mjs +94 -94
  174. package/dist/utils/MsalTypes.d.ts +6 -6
  175. package/dist/utils/ProtocolUtils.d.ts +42 -42
  176. package/dist/utils/ProtocolUtils.mjs +69 -69
  177. package/dist/utils/StringUtils.d.ts +40 -40
  178. package/dist/utils/StringUtils.mjs +95 -95
  179. package/dist/utils/TimeUtils.d.ts +25 -25
  180. package/dist/utils/TimeUtils.mjs +43 -43
  181. package/dist/utils/UrlUtils.d.ts +10 -10
  182. package/dist/utils/UrlUtils.mjs +44 -44
  183. package/package.json +1 -1
  184. package/src/packageMetadata.ts +1 -1
  185. package/src/telemetry/performance/PerformanceEvent.ts +7 -0
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v14.14.0 2024-07-23 */
1
+ /*! @azure/msal-common v14.14.2 2024-08-28 */
2
2
  'use strict';
3
3
  import { Constants, ResponseMode, OIDC_DEFAULT_SCOPES, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.mjs';
4
4
  import { RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, CLIENT_ID, REDIRECT_URI, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT } from '../constants/AADServerParamKeys.mjs';
@@ -7,387 +7,387 @@ import { createClientConfigurationError } from '../error/ClientConfigurationErro
7
7
  import { RequestValidator } from './RequestValidator.mjs';
8
8
  import { pkceParamsMissing, invalidClaims } from '../error/ClientConfigurationErrorCodes.mjs';
9
9
 
10
- /*
11
- * Copyright (c) Microsoft Corporation. All rights reserved.
12
- * Licensed under the MIT License.
13
- */
14
- /** @internal */
15
- class RequestParameterBuilder {
16
- constructor() {
17
- this.parameters = new Map();
18
- }
19
- /**
20
- * add response_type = code
21
- */
22
- addResponseTypeCode() {
23
- this.parameters.set(RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
24
- }
25
- /**
26
- * add response_type = token id_token
27
- */
28
- addResponseTypeForTokenAndIdToken() {
29
- this.parameters.set(RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
30
- }
31
- /**
32
- * add response_mode. defaults to query.
33
- * @param responseMode
34
- */
35
- addResponseMode(responseMode) {
36
- this.parameters.set(RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
37
- }
38
- /**
39
- * Add flag to indicate STS should attempt to use WAM if available
40
- */
41
- addNativeBroker() {
42
- this.parameters.set(NATIVE_BROKER, encodeURIComponent("1"));
43
- }
44
- /**
45
- * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
46
- * @param scopeSet
47
- * @param addOidcScopes
48
- */
49
- addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
50
- // Always add openid to the scopes when adding OIDC scopes
51
- if (addOidcScopes &&
52
- !defaultScopes.includes("openid") &&
53
- !scopes.includes("openid")) {
54
- defaultScopes.push("openid");
55
- }
56
- const requestScopes = addOidcScopes
57
- ? [...(scopes || []), ...defaultScopes]
58
- : scopes || [];
59
- const scopeSet = new ScopeSet(requestScopes);
60
- this.parameters.set(SCOPE, encodeURIComponent(scopeSet.printScopes()));
61
- }
62
- /**
63
- * add clientId
64
- * @param clientId
65
- */
66
- addClientId(clientId) {
67
- this.parameters.set(CLIENT_ID, encodeURIComponent(clientId));
68
- }
69
- /**
70
- * add redirect_uri
71
- * @param redirectUri
72
- */
73
- addRedirectUri(redirectUri) {
74
- RequestValidator.validateRedirectUri(redirectUri);
75
- this.parameters.set(REDIRECT_URI, encodeURIComponent(redirectUri));
76
- }
77
- /**
78
- * add post logout redirectUri
79
- * @param redirectUri
80
- */
81
- addPostLogoutRedirectUri(redirectUri) {
82
- RequestValidator.validateRedirectUri(redirectUri);
83
- this.parameters.set(POST_LOGOUT_URI, encodeURIComponent(redirectUri));
84
- }
85
- /**
86
- * add id_token_hint to logout request
87
- * @param idTokenHint
88
- */
89
- addIdTokenHint(idTokenHint) {
90
- this.parameters.set(ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
91
- }
92
- /**
93
- * add domain_hint
94
- * @param domainHint
95
- */
96
- addDomainHint(domainHint) {
97
- this.parameters.set(DOMAIN_HINT, encodeURIComponent(domainHint));
98
- }
99
- /**
100
- * add login_hint
101
- * @param loginHint
102
- */
103
- addLoginHint(loginHint) {
104
- this.parameters.set(LOGIN_HINT, encodeURIComponent(loginHint));
105
- }
106
- /**
107
- * Adds the CCS (Cache Credential Service) query parameter for login_hint
108
- * @param loginHint
109
- */
110
- addCcsUpn(loginHint) {
111
- this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
112
- }
113
- /**
114
- * Adds the CCS (Cache Credential Service) query parameter for account object
115
- * @param loginHint
116
- */
117
- addCcsOid(clientInfo) {
118
- this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
119
- }
120
- /**
121
- * add sid
122
- * @param sid
123
- */
124
- addSid(sid) {
125
- this.parameters.set(SID, encodeURIComponent(sid));
126
- }
127
- /**
128
- * add claims
129
- * @param claims
130
- */
131
- addClaims(claims, clientCapabilities) {
132
- const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
133
- RequestValidator.validateClaims(mergedClaims);
134
- this.parameters.set(CLAIMS, encodeURIComponent(mergedClaims));
135
- }
136
- /**
137
- * add correlationId
138
- * @param correlationId
139
- */
140
- addCorrelationId(correlationId) {
141
- this.parameters.set(CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
142
- }
143
- /**
144
- * add library info query params
145
- * @param libraryInfo
146
- */
147
- addLibraryInfo(libraryInfo) {
148
- // Telemetry Info
149
- this.parameters.set(X_CLIENT_SKU, libraryInfo.sku);
150
- this.parameters.set(X_CLIENT_VER, libraryInfo.version);
151
- if (libraryInfo.os) {
152
- this.parameters.set(X_CLIENT_OS, libraryInfo.os);
153
- }
154
- if (libraryInfo.cpu) {
155
- this.parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
156
- }
157
- }
158
- /**
159
- * Add client telemetry parameters
160
- * @param appTelemetry
161
- */
162
- addApplicationTelemetry(appTelemetry) {
163
- if (appTelemetry?.appName) {
164
- this.parameters.set(X_APP_NAME, appTelemetry.appName);
165
- }
166
- if (appTelemetry?.appVersion) {
167
- this.parameters.set(X_APP_VER, appTelemetry.appVersion);
168
- }
169
- }
170
- /**
171
- * add prompt
172
- * @param prompt
173
- */
174
- addPrompt(prompt) {
175
- RequestValidator.validatePrompt(prompt);
176
- this.parameters.set(`${PROMPT}`, encodeURIComponent(prompt));
177
- }
178
- /**
179
- * add state
180
- * @param state
181
- */
182
- addState(state) {
183
- if (state) {
184
- this.parameters.set(STATE, encodeURIComponent(state));
185
- }
186
- }
187
- /**
188
- * add nonce
189
- * @param nonce
190
- */
191
- addNonce(nonce) {
192
- this.parameters.set(NONCE, encodeURIComponent(nonce));
193
- }
194
- /**
195
- * add code_challenge and code_challenge_method
196
- * - throw if either of them are not passed
197
- * @param codeChallenge
198
- * @param codeChallengeMethod
199
- */
200
- addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
201
- RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
202
- if (codeChallenge && codeChallengeMethod) {
203
- this.parameters.set(CODE_CHALLENGE, encodeURIComponent(codeChallenge));
204
- this.parameters.set(CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
205
- }
206
- else {
207
- throw createClientConfigurationError(pkceParamsMissing);
208
- }
209
- }
210
- /**
211
- * add the `authorization_code` passed by the user to exchange for a token
212
- * @param code
213
- */
214
- addAuthorizationCode(code) {
215
- this.parameters.set(CODE, encodeURIComponent(code));
216
- }
217
- /**
218
- * add the `authorization_code` passed by the user to exchange for a token
219
- * @param code
220
- */
221
- addDeviceCode(code) {
222
- this.parameters.set(DEVICE_CODE, encodeURIComponent(code));
223
- }
224
- /**
225
- * add the `refreshToken` passed by the user
226
- * @param refreshToken
227
- */
228
- addRefreshToken(refreshToken) {
229
- this.parameters.set(REFRESH_TOKEN, encodeURIComponent(refreshToken));
230
- }
231
- /**
232
- * add the `code_verifier` passed by the user to exchange for a token
233
- * @param codeVerifier
234
- */
235
- addCodeVerifier(codeVerifier) {
236
- this.parameters.set(CODE_VERIFIER, encodeURIComponent(codeVerifier));
237
- }
238
- /**
239
- * add client_secret
240
- * @param clientSecret
241
- */
242
- addClientSecret(clientSecret) {
243
- this.parameters.set(CLIENT_SECRET, encodeURIComponent(clientSecret));
244
- }
245
- /**
246
- * add clientAssertion for confidential client flows
247
- * @param clientAssertion
248
- */
249
- addClientAssertion(clientAssertion) {
250
- if (clientAssertion) {
251
- this.parameters.set(CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
252
- }
253
- }
254
- /**
255
- * add clientAssertionType for confidential client flows
256
- * @param clientAssertionType
257
- */
258
- addClientAssertionType(clientAssertionType) {
259
- if (clientAssertionType) {
260
- this.parameters.set(CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
261
- }
262
- }
263
- /**
264
- * add OBO assertion for confidential client flows
265
- * @param clientAssertion
266
- */
267
- addOboAssertion(oboAssertion) {
268
- this.parameters.set(OBO_ASSERTION, encodeURIComponent(oboAssertion));
269
- }
270
- /**
271
- * add grant type
272
- * @param grantType
273
- */
274
- addRequestTokenUse(tokenUse) {
275
- this.parameters.set(REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
276
- }
277
- /**
278
- * add grant type
279
- * @param grantType
280
- */
281
- addGrantType(grantType) {
282
- this.parameters.set(GRANT_TYPE, encodeURIComponent(grantType));
283
- }
284
- /**
285
- * add client info
286
- *
287
- */
288
- addClientInfo() {
289
- this.parameters.set(CLIENT_INFO, "1");
290
- }
291
- /**
292
- * add extraQueryParams
293
- * @param eQParams
294
- */
295
- addExtraQueryParameters(eQParams) {
296
- Object.entries(eQParams).forEach(([key, value]) => {
297
- if (!this.parameters.has(key) && value) {
298
- this.parameters.set(key, value);
299
- }
300
- });
301
- }
302
- addClientCapabilitiesToClaims(claims, clientCapabilities) {
303
- let mergedClaims;
304
- // Parse provided claims into JSON object or initialize empty object
305
- if (!claims) {
306
- mergedClaims = {};
307
- }
308
- else {
309
- try {
310
- mergedClaims = JSON.parse(claims);
311
- }
312
- catch (e) {
313
- throw createClientConfigurationError(invalidClaims);
314
- }
315
- }
316
- if (clientCapabilities && clientCapabilities.length > 0) {
317
- if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
318
- // Add access_token key to claims object
319
- mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
320
- }
321
- // Add xms_cc claim with provided clientCapabilities to access_token key
322
- mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
323
- values: clientCapabilities,
324
- };
325
- }
326
- return JSON.stringify(mergedClaims);
327
- }
328
- /**
329
- * adds `username` for Password Grant flow
330
- * @param username
331
- */
332
- addUsername(username) {
333
- this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
334
- }
335
- /**
336
- * adds `password` for Password Grant flow
337
- * @param password
338
- */
339
- addPassword(password) {
340
- this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
341
- }
342
- /**
343
- * add pop_jwk to query params
344
- * @param cnfString
345
- */
346
- addPopToken(cnfString) {
347
- if (cnfString) {
348
- this.parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
349
- this.parameters.set(REQ_CNF, encodeURIComponent(cnfString));
350
- }
351
- }
352
- /**
353
- * add SSH JWK and key ID to query params
354
- */
355
- addSshJwk(sshJwkString) {
356
- if (sshJwkString) {
357
- this.parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
358
- this.parameters.set(REQ_CNF, encodeURIComponent(sshJwkString));
359
- }
360
- }
361
- /**
362
- * add server telemetry fields
363
- * @param serverTelemetryManager
364
- */
365
- addServerTelemetry(serverTelemetryManager) {
366
- this.parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
367
- this.parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
368
- }
369
- /**
370
- * Adds parameter that indicates to the server that throttling is supported
371
- */
372
- addThrottling() {
373
- this.parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
374
- }
375
- /**
376
- * Adds logout_hint parameter for "silent" logout which prevent server account picker
377
- */
378
- addLogoutHint(logoutHint) {
379
- this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
380
- }
381
- /**
382
- * Utility to create a URL from the params map
383
- */
384
- createQueryString() {
385
- const queryParameterArray = new Array();
386
- this.parameters.forEach((value, key) => {
387
- queryParameterArray.push(`${key}=${value}`);
388
- });
389
- return queryParameterArray.join("&");
390
- }
10
+ /*
11
+ * Copyright (c) Microsoft Corporation. All rights reserved.
12
+ * Licensed under the MIT License.
13
+ */
14
+ /** @internal */
15
+ class RequestParameterBuilder {
16
+ constructor() {
17
+ this.parameters = new Map();
18
+ }
19
+ /**
20
+ * add response_type = code
21
+ */
22
+ addResponseTypeCode() {
23
+ this.parameters.set(RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
24
+ }
25
+ /**
26
+ * add response_type = token id_token
27
+ */
28
+ addResponseTypeForTokenAndIdToken() {
29
+ this.parameters.set(RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
30
+ }
31
+ /**
32
+ * add response_mode. defaults to query.
33
+ * @param responseMode
34
+ */
35
+ addResponseMode(responseMode) {
36
+ this.parameters.set(RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
37
+ }
38
+ /**
39
+ * Add flag to indicate STS should attempt to use WAM if available
40
+ */
41
+ addNativeBroker() {
42
+ this.parameters.set(NATIVE_BROKER, encodeURIComponent("1"));
43
+ }
44
+ /**
45
+ * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
46
+ * @param scopeSet
47
+ * @param addOidcScopes
48
+ */
49
+ addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
50
+ // Always add openid to the scopes when adding OIDC scopes
51
+ if (addOidcScopes &&
52
+ !defaultScopes.includes("openid") &&
53
+ !scopes.includes("openid")) {
54
+ defaultScopes.push("openid");
55
+ }
56
+ const requestScopes = addOidcScopes
57
+ ? [...(scopes || []), ...defaultScopes]
58
+ : scopes || [];
59
+ const scopeSet = new ScopeSet(requestScopes);
60
+ this.parameters.set(SCOPE, encodeURIComponent(scopeSet.printScopes()));
61
+ }
62
+ /**
63
+ * add clientId
64
+ * @param clientId
65
+ */
66
+ addClientId(clientId) {
67
+ this.parameters.set(CLIENT_ID, encodeURIComponent(clientId));
68
+ }
69
+ /**
70
+ * add redirect_uri
71
+ * @param redirectUri
72
+ */
73
+ addRedirectUri(redirectUri) {
74
+ RequestValidator.validateRedirectUri(redirectUri);
75
+ this.parameters.set(REDIRECT_URI, encodeURIComponent(redirectUri));
76
+ }
77
+ /**
78
+ * add post logout redirectUri
79
+ * @param redirectUri
80
+ */
81
+ addPostLogoutRedirectUri(redirectUri) {
82
+ RequestValidator.validateRedirectUri(redirectUri);
83
+ this.parameters.set(POST_LOGOUT_URI, encodeURIComponent(redirectUri));
84
+ }
85
+ /**
86
+ * add id_token_hint to logout request
87
+ * @param idTokenHint
88
+ */
89
+ addIdTokenHint(idTokenHint) {
90
+ this.parameters.set(ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
91
+ }
92
+ /**
93
+ * add domain_hint
94
+ * @param domainHint
95
+ */
96
+ addDomainHint(domainHint) {
97
+ this.parameters.set(DOMAIN_HINT, encodeURIComponent(domainHint));
98
+ }
99
+ /**
100
+ * add login_hint
101
+ * @param loginHint
102
+ */
103
+ addLoginHint(loginHint) {
104
+ this.parameters.set(LOGIN_HINT, encodeURIComponent(loginHint));
105
+ }
106
+ /**
107
+ * Adds the CCS (Cache Credential Service) query parameter for login_hint
108
+ * @param loginHint
109
+ */
110
+ addCcsUpn(loginHint) {
111
+ this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
112
+ }
113
+ /**
114
+ * Adds the CCS (Cache Credential Service) query parameter for account object
115
+ * @param loginHint
116
+ */
117
+ addCcsOid(clientInfo) {
118
+ this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
119
+ }
120
+ /**
121
+ * add sid
122
+ * @param sid
123
+ */
124
+ addSid(sid) {
125
+ this.parameters.set(SID, encodeURIComponent(sid));
126
+ }
127
+ /**
128
+ * add claims
129
+ * @param claims
130
+ */
131
+ addClaims(claims, clientCapabilities) {
132
+ const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
133
+ RequestValidator.validateClaims(mergedClaims);
134
+ this.parameters.set(CLAIMS, encodeURIComponent(mergedClaims));
135
+ }
136
+ /**
137
+ * add correlationId
138
+ * @param correlationId
139
+ */
140
+ addCorrelationId(correlationId) {
141
+ this.parameters.set(CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
142
+ }
143
+ /**
144
+ * add library info query params
145
+ * @param libraryInfo
146
+ */
147
+ addLibraryInfo(libraryInfo) {
148
+ // Telemetry Info
149
+ this.parameters.set(X_CLIENT_SKU, libraryInfo.sku);
150
+ this.parameters.set(X_CLIENT_VER, libraryInfo.version);
151
+ if (libraryInfo.os) {
152
+ this.parameters.set(X_CLIENT_OS, libraryInfo.os);
153
+ }
154
+ if (libraryInfo.cpu) {
155
+ this.parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
156
+ }
157
+ }
158
+ /**
159
+ * Add client telemetry parameters
160
+ * @param appTelemetry
161
+ */
162
+ addApplicationTelemetry(appTelemetry) {
163
+ if (appTelemetry?.appName) {
164
+ this.parameters.set(X_APP_NAME, appTelemetry.appName);
165
+ }
166
+ if (appTelemetry?.appVersion) {
167
+ this.parameters.set(X_APP_VER, appTelemetry.appVersion);
168
+ }
169
+ }
170
+ /**
171
+ * add prompt
172
+ * @param prompt
173
+ */
174
+ addPrompt(prompt) {
175
+ RequestValidator.validatePrompt(prompt);
176
+ this.parameters.set(`${PROMPT}`, encodeURIComponent(prompt));
177
+ }
178
+ /**
179
+ * add state
180
+ * @param state
181
+ */
182
+ addState(state) {
183
+ if (state) {
184
+ this.parameters.set(STATE, encodeURIComponent(state));
185
+ }
186
+ }
187
+ /**
188
+ * add nonce
189
+ * @param nonce
190
+ */
191
+ addNonce(nonce) {
192
+ this.parameters.set(NONCE, encodeURIComponent(nonce));
193
+ }
194
+ /**
195
+ * add code_challenge and code_challenge_method
196
+ * - throw if either of them are not passed
197
+ * @param codeChallenge
198
+ * @param codeChallengeMethod
199
+ */
200
+ addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
201
+ RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
202
+ if (codeChallenge && codeChallengeMethod) {
203
+ this.parameters.set(CODE_CHALLENGE, encodeURIComponent(codeChallenge));
204
+ this.parameters.set(CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
205
+ }
206
+ else {
207
+ throw createClientConfigurationError(pkceParamsMissing);
208
+ }
209
+ }
210
+ /**
211
+ * add the `authorization_code` passed by the user to exchange for a token
212
+ * @param code
213
+ */
214
+ addAuthorizationCode(code) {
215
+ this.parameters.set(CODE, encodeURIComponent(code));
216
+ }
217
+ /**
218
+ * add the `authorization_code` passed by the user to exchange for a token
219
+ * @param code
220
+ */
221
+ addDeviceCode(code) {
222
+ this.parameters.set(DEVICE_CODE, encodeURIComponent(code));
223
+ }
224
+ /**
225
+ * add the `refreshToken` passed by the user
226
+ * @param refreshToken
227
+ */
228
+ addRefreshToken(refreshToken) {
229
+ this.parameters.set(REFRESH_TOKEN, encodeURIComponent(refreshToken));
230
+ }
231
+ /**
232
+ * add the `code_verifier` passed by the user to exchange for a token
233
+ * @param codeVerifier
234
+ */
235
+ addCodeVerifier(codeVerifier) {
236
+ this.parameters.set(CODE_VERIFIER, encodeURIComponent(codeVerifier));
237
+ }
238
+ /**
239
+ * add client_secret
240
+ * @param clientSecret
241
+ */
242
+ addClientSecret(clientSecret) {
243
+ this.parameters.set(CLIENT_SECRET, encodeURIComponent(clientSecret));
244
+ }
245
+ /**
246
+ * add clientAssertion for confidential client flows
247
+ * @param clientAssertion
248
+ */
249
+ addClientAssertion(clientAssertion) {
250
+ if (clientAssertion) {
251
+ this.parameters.set(CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
252
+ }
253
+ }
254
+ /**
255
+ * add clientAssertionType for confidential client flows
256
+ * @param clientAssertionType
257
+ */
258
+ addClientAssertionType(clientAssertionType) {
259
+ if (clientAssertionType) {
260
+ this.parameters.set(CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
261
+ }
262
+ }
263
+ /**
264
+ * add OBO assertion for confidential client flows
265
+ * @param clientAssertion
266
+ */
267
+ addOboAssertion(oboAssertion) {
268
+ this.parameters.set(OBO_ASSERTION, encodeURIComponent(oboAssertion));
269
+ }
270
+ /**
271
+ * add grant type
272
+ * @param grantType
273
+ */
274
+ addRequestTokenUse(tokenUse) {
275
+ this.parameters.set(REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
276
+ }
277
+ /**
278
+ * add grant type
279
+ * @param grantType
280
+ */
281
+ addGrantType(grantType) {
282
+ this.parameters.set(GRANT_TYPE, encodeURIComponent(grantType));
283
+ }
284
+ /**
285
+ * add client info
286
+ *
287
+ */
288
+ addClientInfo() {
289
+ this.parameters.set(CLIENT_INFO, "1");
290
+ }
291
+ /**
292
+ * add extraQueryParams
293
+ * @param eQParams
294
+ */
295
+ addExtraQueryParameters(eQParams) {
296
+ Object.entries(eQParams).forEach(([key, value]) => {
297
+ if (!this.parameters.has(key) && value) {
298
+ this.parameters.set(key, value);
299
+ }
300
+ });
301
+ }
302
+ addClientCapabilitiesToClaims(claims, clientCapabilities) {
303
+ let mergedClaims;
304
+ // Parse provided claims into JSON object or initialize empty object
305
+ if (!claims) {
306
+ mergedClaims = {};
307
+ }
308
+ else {
309
+ try {
310
+ mergedClaims = JSON.parse(claims);
311
+ }
312
+ catch (e) {
313
+ throw createClientConfigurationError(invalidClaims);
314
+ }
315
+ }
316
+ if (clientCapabilities && clientCapabilities.length > 0) {
317
+ if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
318
+ // Add access_token key to claims object
319
+ mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
320
+ }
321
+ // Add xms_cc claim with provided clientCapabilities to access_token key
322
+ mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
323
+ values: clientCapabilities,
324
+ };
325
+ }
326
+ return JSON.stringify(mergedClaims);
327
+ }
328
+ /**
329
+ * adds `username` for Password Grant flow
330
+ * @param username
331
+ */
332
+ addUsername(username) {
333
+ this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
334
+ }
335
+ /**
336
+ * adds `password` for Password Grant flow
337
+ * @param password
338
+ */
339
+ addPassword(password) {
340
+ this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
341
+ }
342
+ /**
343
+ * add pop_jwk to query params
344
+ * @param cnfString
345
+ */
346
+ addPopToken(cnfString) {
347
+ if (cnfString) {
348
+ this.parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
349
+ this.parameters.set(REQ_CNF, encodeURIComponent(cnfString));
350
+ }
351
+ }
352
+ /**
353
+ * add SSH JWK and key ID to query params
354
+ */
355
+ addSshJwk(sshJwkString) {
356
+ if (sshJwkString) {
357
+ this.parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
358
+ this.parameters.set(REQ_CNF, encodeURIComponent(sshJwkString));
359
+ }
360
+ }
361
+ /**
362
+ * add server telemetry fields
363
+ * @param serverTelemetryManager
364
+ */
365
+ addServerTelemetry(serverTelemetryManager) {
366
+ this.parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
367
+ this.parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
368
+ }
369
+ /**
370
+ * Adds parameter that indicates to the server that throttling is supported
371
+ */
372
+ addThrottling() {
373
+ this.parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
374
+ }
375
+ /**
376
+ * Adds logout_hint parameter for "silent" logout which prevent server account picker
377
+ */
378
+ addLogoutHint(logoutHint) {
379
+ this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
380
+ }
381
+ /**
382
+ * Utility to create a URL from the params map
383
+ */
384
+ createQueryString() {
385
+ const queryParameterArray = new Array();
386
+ this.parameters.forEach((value, key) => {
387
+ queryParameterArray.push(`${key}=${value}`);
388
+ });
389
+ return queryParameterArray.join("&");
390
+ }
391
391
  }
392
392
 
393
393
  export { RequestParameterBuilder };