@azure/msal-common 14.14.0 → 14.14.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (185) hide show
  1. package/dist/account/AccountInfo.d.ts +66 -66
  2. package/dist/account/AccountInfo.mjs +77 -77
  3. package/dist/account/AuthToken.d.ts +17 -17
  4. package/dist/account/AuthToken.mjs +58 -58
  5. package/dist/account/CcsCredential.d.ts +9 -9
  6. package/dist/account/CcsCredential.mjs +8 -8
  7. package/dist/account/ClientCredentials.d.ts +19 -19
  8. package/dist/account/ClientInfo.d.ts +18 -18
  9. package/dist/account/ClientInfo.mjs +37 -37
  10. package/dist/account/TokenClaims.d.ts +83 -83
  11. package/dist/account/TokenClaims.mjs +20 -20
  12. package/dist/authority/Authority.d.ts +254 -254
  13. package/dist/authority/Authority.mjs +836 -836
  14. package/dist/authority/AuthorityFactory.d.ts +18 -18
  15. package/dist/authority/AuthorityFactory.mjs +28 -28
  16. package/dist/authority/AuthorityMetadata.d.ts +43 -43
  17. package/dist/authority/AuthorityMetadata.mjs +137 -137
  18. package/dist/authority/AuthorityOptions.d.ts +27 -27
  19. package/dist/authority/AuthorityOptions.mjs +18 -18
  20. package/dist/authority/AuthorityType.d.ts +10 -10
  21. package/dist/authority/AuthorityType.mjs +13 -13
  22. package/dist/authority/AzureRegion.d.ts +1 -1
  23. package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
  24. package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
  25. package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
  26. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
  27. package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
  28. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
  29. package/dist/authority/ImdsOptions.d.ts +5 -5
  30. package/dist/authority/OIDCOptions.d.ts +8 -8
  31. package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
  32. package/dist/authority/OpenIdConfigResponse.mjs +10 -10
  33. package/dist/authority/ProtocolMode.d.ts +8 -8
  34. package/dist/authority/ProtocolMode.mjs +11 -11
  35. package/dist/authority/RegionDiscovery.d.ts +32 -32
  36. package/dist/authority/RegionDiscovery.mjs +106 -106
  37. package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
  38. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
  39. package/dist/cache/CacheManager.d.ts +497 -497
  40. package/dist/cache/CacheManager.mjs +1249 -1249
  41. package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
  42. package/dist/cache/entities/AccountEntity.d.ts +106 -106
  43. package/dist/cache/entities/AccountEntity.mjs +240 -240
  44. package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
  45. package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
  46. package/dist/cache/entities/CacheRecord.d.ts +13 -13
  47. package/dist/cache/entities/CredentialEntity.d.ts +30 -30
  48. package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
  49. package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
  50. package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -6
  51. package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
  52. package/dist/cache/interface/ICacheManager.d.ts +166 -166
  53. package/dist/cache/interface/ICachePlugin.d.ts +5 -5
  54. package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
  55. package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
  56. package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
  57. package/dist/cache/utils/CacheHelpers.d.ts +94 -94
  58. package/dist/cache/utils/CacheHelpers.mjs +324 -324
  59. package/dist/cache/utils/CacheTypes.d.ts +69 -69
  60. package/dist/client/AuthorizationCodeClient.d.ts +74 -74
  61. package/dist/client/AuthorizationCodeClient.mjs +420 -420
  62. package/dist/client/BaseClient.d.ts +51 -51
  63. package/dist/client/BaseClient.mjs +100 -100
  64. package/dist/client/RefreshTokenClient.d.ts +35 -35
  65. package/dist/client/RefreshTokenClient.mjs +211 -211
  66. package/dist/client/SilentFlowClient.d.ts +27 -27
  67. package/dist/client/SilentFlowClient.mjs +133 -133
  68. package/dist/config/AppTokenProvider.d.ts +38 -38
  69. package/dist/config/ClientConfiguration.d.ts +150 -150
  70. package/dist/config/ClientConfiguration.mjs +95 -95
  71. package/dist/constants/AADServerParamKeys.d.ts +53 -53
  72. package/dist/constants/AADServerParamKeys.mjs +57 -57
  73. package/dist/crypto/ICrypto.d.ts +68 -68
  74. package/dist/crypto/ICrypto.mjs +36 -36
  75. package/dist/crypto/IGuidGenerator.d.ts +4 -4
  76. package/dist/crypto/JoseHeader.d.ts +22 -22
  77. package/dist/crypto/JoseHeader.mjs +37 -37
  78. package/dist/crypto/PopTokenGenerator.d.ts +59 -59
  79. package/dist/crypto/PopTokenGenerator.mjs +81 -81
  80. package/dist/crypto/SignedHttpRequest.d.ts +15 -15
  81. package/dist/error/AuthError.d.ts +44 -44
  82. package/dist/error/AuthError.mjs +46 -46
  83. package/dist/error/AuthErrorCodes.d.ts +5 -5
  84. package/dist/error/AuthErrorCodes.mjs +9 -9
  85. package/dist/error/CacheError.d.ts +20 -20
  86. package/dist/error/CacheError.mjs +24 -24
  87. package/dist/error/CacheErrorCodes.d.ts +2 -2
  88. package/dist/error/CacheErrorCodes.mjs +6 -6
  89. package/dist/error/ClientAuthError.d.ts +237 -237
  90. package/dist/error/ClientAuthError.mjs +249 -249
  91. package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
  92. package/dist/error/ClientAuthErrorCodes.mjs +48 -48
  93. package/dist/error/ClientConfigurationError.d.ts +128 -128
  94. package/dist/error/ClientConfigurationError.mjs +135 -135
  95. package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
  96. package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
  97. package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
  98. package/dist/error/InteractionRequiredAuthError.mjs +85 -85
  99. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
  100. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
  101. package/dist/error/JoseHeaderError.d.ts +15 -15
  102. package/dist/error/JoseHeaderError.mjs +22 -22
  103. package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
  104. package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
  105. package/dist/error/ServerError.d.ts +15 -15
  106. package/dist/error/ServerError.mjs +16 -16
  107. package/dist/index.cjs +8658 -8658
  108. package/dist/index.cjs.map +1 -1
  109. package/dist/index.d.ts +107 -107
  110. package/dist/index.mjs +1 -1
  111. package/dist/logger/Logger.d.ts +95 -95
  112. package/dist/logger/Logger.mjs +188 -188
  113. package/dist/network/INetworkModule.d.ts +29 -29
  114. package/dist/network/INetworkModule.mjs +12 -12
  115. package/dist/network/NetworkManager.d.ts +33 -33
  116. package/dist/network/NetworkManager.mjs +34 -34
  117. package/dist/network/RequestThumbprint.d.ts +18 -18
  118. package/dist/network/ThrottlingUtils.d.ts +42 -42
  119. package/dist/network/ThrottlingUtils.mjs +95 -95
  120. package/dist/packageMetadata.d.ts +2 -2
  121. package/dist/packageMetadata.mjs +4 -4
  122. package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
  123. package/dist/request/AuthenticationHeaderParser.mjs +55 -55
  124. package/dist/request/BaseAuthRequest.d.ts +47 -47
  125. package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
  126. package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
  127. package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
  128. package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
  129. package/dist/request/CommonEndSessionRequest.d.ts +21 -21
  130. package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
  131. package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
  132. package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
  133. package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
  134. package/dist/request/NativeRequest.d.ts +19 -19
  135. package/dist/request/NativeSignOutRequest.d.ts +5 -5
  136. package/dist/request/RequestParameterBuilder.d.ts +217 -217
  137. package/dist/request/RequestParameterBuilder.mjs +382 -382
  138. package/dist/request/RequestValidator.d.ts +27 -27
  139. package/dist/request/RequestValidator.mjs +64 -64
  140. package/dist/request/ScopeSet.d.ts +88 -88
  141. package/dist/request/ScopeSet.mjs +197 -197
  142. package/dist/request/StoreInCache.d.ts +8 -8
  143. package/dist/response/AuthenticationResult.d.ts +41 -41
  144. package/dist/response/AuthorizationCodePayload.d.ts +13 -13
  145. package/dist/response/DeviceCodeResponse.d.ts +25 -25
  146. package/dist/response/ExternalTokenResponse.d.ts +15 -15
  147. package/dist/response/IMDSBadResponse.d.ts +4 -4
  148. package/dist/response/ResponseHandler.d.ts +69 -69
  149. package/dist/response/ResponseHandler.mjs +374 -374
  150. package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
  151. package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
  152. package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
  153. package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
  154. package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
  155. package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
  156. package/dist/telemetry/performance/PerformanceEvent.d.ts +511 -505
  157. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  158. package/dist/telemetry/performance/PerformanceEvent.mjs +480 -480
  159. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  160. package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
  161. package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
  162. package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -78
  163. package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -260
  164. package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
  165. package/dist/url/IUri.d.ts +12 -12
  166. package/dist/url/UrlString.d.ts +48 -48
  167. package/dist/url/UrlString.mjs +161 -161
  168. package/dist/utils/ClientAssertionUtils.d.ts +2 -2
  169. package/dist/utils/ClientAssertionUtils.mjs +16 -16
  170. package/dist/utils/Constants.d.ts +309 -309
  171. package/dist/utils/Constants.mjs +322 -322
  172. package/dist/utils/FunctionWrappers.d.ts +27 -27
  173. package/dist/utils/FunctionWrappers.mjs +94 -94
  174. package/dist/utils/MsalTypes.d.ts +6 -6
  175. package/dist/utils/ProtocolUtils.d.ts +42 -42
  176. package/dist/utils/ProtocolUtils.mjs +69 -69
  177. package/dist/utils/StringUtils.d.ts +40 -40
  178. package/dist/utils/StringUtils.mjs +95 -95
  179. package/dist/utils/TimeUtils.d.ts +25 -25
  180. package/dist/utils/TimeUtils.mjs +43 -43
  181. package/dist/utils/UrlUtils.d.ts +10 -10
  182. package/dist/utils/UrlUtils.mjs +44 -44
  183. package/package.json +1 -1
  184. package/src/packageMetadata.ts +1 -1
  185. package/src/telemetry/performance/PerformanceEvent.ts +7 -0
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v14.14.0 2024-07-23 */
1
+ /*! @azure/msal-common v14.14.2 2024-08-28 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { StringUtils } from '../utils/StringUtils.mjs';
@@ -7,202 +7,202 @@ import { Constants, OIDC_SCOPES } from '../utils/Constants.mjs';
7
7
  import { emptyInputScopesError } from '../error/ClientConfigurationErrorCodes.mjs';
8
8
  import { cannotAppendScopeSet, cannotRemoveEmptyScope, emptyInputScopeSet } from '../error/ClientAuthErrorCodes.mjs';
9
9
 
10
- /*
11
- * Copyright (c) Microsoft Corporation. All rights reserved.
12
- * Licensed under the MIT License.
13
- */
14
- /**
15
- * The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes
16
- * the most sense to implement for this class. All scopes are trimmed and converted to lower case strings in intersection and union functions
17
- * to ensure uniqueness of strings.
18
- */
19
- class ScopeSet {
20
- constructor(inputScopes) {
21
- // Filter empty string and null/undefined array items
22
- const scopeArr = inputScopes
23
- ? StringUtils.trimArrayEntries([...inputScopes])
24
- : [];
25
- const filteredInput = scopeArr
26
- ? StringUtils.removeEmptyStringsFromArray(scopeArr)
27
- : [];
28
- // Validate and filter scopes (validate function throws if validation fails)
29
- this.validateInputScopes(filteredInput);
30
- this.scopes = new Set(); // Iterator in constructor not supported by IE11
31
- filteredInput.forEach((scope) => this.scopes.add(scope));
32
- }
33
- /**
34
- * Factory method to create ScopeSet from space-delimited string
35
- * @param inputScopeString
36
- * @param appClientId
37
- * @param scopesRequired
38
- */
39
- static fromString(inputScopeString) {
40
- const scopeString = inputScopeString || Constants.EMPTY_STRING;
41
- const inputScopes = scopeString.split(" ");
42
- return new ScopeSet(inputScopes);
43
- }
44
- /**
45
- * Creates the set of scopes to search for in cache lookups
46
- * @param inputScopeString
47
- * @returns
48
- */
49
- static createSearchScopes(inputScopeString) {
50
- const scopeSet = new ScopeSet(inputScopeString);
51
- if (!scopeSet.containsOnlyOIDCScopes()) {
52
- scopeSet.removeOIDCScopes();
53
- }
54
- else {
55
- scopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);
56
- }
57
- return scopeSet;
58
- }
59
- /**
60
- * Used to validate the scopes input parameter requested by the developer.
61
- * @param {Array<string>} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.
62
- * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not
63
- */
64
- validateInputScopes(inputScopes) {
65
- // Check if scopes are required but not given or is an empty array
66
- if (!inputScopes || inputScopes.length < 1) {
67
- throw createClientConfigurationError(emptyInputScopesError);
68
- }
69
- }
70
- /**
71
- * Check if a given scope is present in this set of scopes.
72
- * @param scope
73
- */
74
- containsScope(scope) {
75
- const lowerCaseScopes = this.printScopesLowerCase().split(" ");
76
- const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);
77
- // compare lowercase scopes
78
- return scope
79
- ? lowerCaseScopesSet.scopes.has(scope.toLowerCase())
80
- : false;
81
- }
82
- /**
83
- * Check if a set of scopes is present in this set of scopes.
84
- * @param scopeSet
85
- */
86
- containsScopeSet(scopeSet) {
87
- if (!scopeSet || scopeSet.scopes.size <= 0) {
88
- return false;
89
- }
90
- return (this.scopes.size >= scopeSet.scopes.size &&
91
- scopeSet.asArray().every((scope) => this.containsScope(scope)));
92
- }
93
- /**
94
- * Check if set of scopes contains only the defaults
95
- */
96
- containsOnlyOIDCScopes() {
97
- let defaultScopeCount = 0;
98
- OIDC_SCOPES.forEach((defaultScope) => {
99
- if (this.containsScope(defaultScope)) {
100
- defaultScopeCount += 1;
101
- }
102
- });
103
- return this.scopes.size === defaultScopeCount;
104
- }
105
- /**
106
- * Appends single scope if passed
107
- * @param newScope
108
- */
109
- appendScope(newScope) {
110
- if (newScope) {
111
- this.scopes.add(newScope.trim());
112
- }
113
- }
114
- /**
115
- * Appends multiple scopes if passed
116
- * @param newScopes
117
- */
118
- appendScopes(newScopes) {
119
- try {
120
- newScopes.forEach((newScope) => this.appendScope(newScope));
121
- }
122
- catch (e) {
123
- throw createClientAuthError(cannotAppendScopeSet);
124
- }
125
- }
126
- /**
127
- * Removes element from set of scopes.
128
- * @param scope
129
- */
130
- removeScope(scope) {
131
- if (!scope) {
132
- throw createClientAuthError(cannotRemoveEmptyScope);
133
- }
134
- this.scopes.delete(scope.trim());
135
- }
136
- /**
137
- * Removes default scopes from set of scopes
138
- * Primarily used to prevent cache misses if the default scopes are not returned from the server
139
- */
140
- removeOIDCScopes() {
141
- OIDC_SCOPES.forEach((defaultScope) => {
142
- this.scopes.delete(defaultScope);
143
- });
144
- }
145
- /**
146
- * Combines an array of scopes with the current set of scopes.
147
- * @param otherScopes
148
- */
149
- unionScopeSets(otherScopes) {
150
- if (!otherScopes) {
151
- throw createClientAuthError(emptyInputScopeSet);
152
- }
153
- const unionScopes = new Set(); // Iterator in constructor not supported in IE11
154
- otherScopes.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
155
- this.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
156
- return unionScopes;
157
- }
158
- /**
159
- * Check if scopes intersect between this set and another.
160
- * @param otherScopes
161
- */
162
- intersectingScopeSets(otherScopes) {
163
- if (!otherScopes) {
164
- throw createClientAuthError(emptyInputScopeSet);
165
- }
166
- // Do not allow OIDC scopes to be the only intersecting scopes
167
- if (!otherScopes.containsOnlyOIDCScopes()) {
168
- otherScopes.removeOIDCScopes();
169
- }
170
- const unionScopes = this.unionScopeSets(otherScopes);
171
- const sizeOtherScopes = otherScopes.getScopeCount();
172
- const sizeThisScopes = this.getScopeCount();
173
- const sizeUnionScopes = unionScopes.size;
174
- return sizeUnionScopes < sizeThisScopes + sizeOtherScopes;
175
- }
176
- /**
177
- * Returns size of set of scopes.
178
- */
179
- getScopeCount() {
180
- return this.scopes.size;
181
- }
182
- /**
183
- * Returns the scopes as an array of string values
184
- */
185
- asArray() {
186
- const array = [];
187
- this.scopes.forEach((val) => array.push(val));
188
- return array;
189
- }
190
- /**
191
- * Prints scopes into a space-delimited string
192
- */
193
- printScopes() {
194
- if (this.scopes) {
195
- const scopeArr = this.asArray();
196
- return scopeArr.join(" ");
197
- }
198
- return Constants.EMPTY_STRING;
199
- }
200
- /**
201
- * Prints scopes into a space-delimited lower-case string (used for caching)
202
- */
203
- printScopesLowerCase() {
204
- return this.printScopes().toLowerCase();
205
- }
10
+ /*
11
+ * Copyright (c) Microsoft Corporation. All rights reserved.
12
+ * Licensed under the MIT License.
13
+ */
14
+ /**
15
+ * The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes
16
+ * the most sense to implement for this class. All scopes are trimmed and converted to lower case strings in intersection and union functions
17
+ * to ensure uniqueness of strings.
18
+ */
19
+ class ScopeSet {
20
+ constructor(inputScopes) {
21
+ // Filter empty string and null/undefined array items
22
+ const scopeArr = inputScopes
23
+ ? StringUtils.trimArrayEntries([...inputScopes])
24
+ : [];
25
+ const filteredInput = scopeArr
26
+ ? StringUtils.removeEmptyStringsFromArray(scopeArr)
27
+ : [];
28
+ // Validate and filter scopes (validate function throws if validation fails)
29
+ this.validateInputScopes(filteredInput);
30
+ this.scopes = new Set(); // Iterator in constructor not supported by IE11
31
+ filteredInput.forEach((scope) => this.scopes.add(scope));
32
+ }
33
+ /**
34
+ * Factory method to create ScopeSet from space-delimited string
35
+ * @param inputScopeString
36
+ * @param appClientId
37
+ * @param scopesRequired
38
+ */
39
+ static fromString(inputScopeString) {
40
+ const scopeString = inputScopeString || Constants.EMPTY_STRING;
41
+ const inputScopes = scopeString.split(" ");
42
+ return new ScopeSet(inputScopes);
43
+ }
44
+ /**
45
+ * Creates the set of scopes to search for in cache lookups
46
+ * @param inputScopeString
47
+ * @returns
48
+ */
49
+ static createSearchScopes(inputScopeString) {
50
+ const scopeSet = new ScopeSet(inputScopeString);
51
+ if (!scopeSet.containsOnlyOIDCScopes()) {
52
+ scopeSet.removeOIDCScopes();
53
+ }
54
+ else {
55
+ scopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);
56
+ }
57
+ return scopeSet;
58
+ }
59
+ /**
60
+ * Used to validate the scopes input parameter requested by the developer.
61
+ * @param {Array<string>} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.
62
+ * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not
63
+ */
64
+ validateInputScopes(inputScopes) {
65
+ // Check if scopes are required but not given or is an empty array
66
+ if (!inputScopes || inputScopes.length < 1) {
67
+ throw createClientConfigurationError(emptyInputScopesError);
68
+ }
69
+ }
70
+ /**
71
+ * Check if a given scope is present in this set of scopes.
72
+ * @param scope
73
+ */
74
+ containsScope(scope) {
75
+ const lowerCaseScopes = this.printScopesLowerCase().split(" ");
76
+ const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);
77
+ // compare lowercase scopes
78
+ return scope
79
+ ? lowerCaseScopesSet.scopes.has(scope.toLowerCase())
80
+ : false;
81
+ }
82
+ /**
83
+ * Check if a set of scopes is present in this set of scopes.
84
+ * @param scopeSet
85
+ */
86
+ containsScopeSet(scopeSet) {
87
+ if (!scopeSet || scopeSet.scopes.size <= 0) {
88
+ return false;
89
+ }
90
+ return (this.scopes.size >= scopeSet.scopes.size &&
91
+ scopeSet.asArray().every((scope) => this.containsScope(scope)));
92
+ }
93
+ /**
94
+ * Check if set of scopes contains only the defaults
95
+ */
96
+ containsOnlyOIDCScopes() {
97
+ let defaultScopeCount = 0;
98
+ OIDC_SCOPES.forEach((defaultScope) => {
99
+ if (this.containsScope(defaultScope)) {
100
+ defaultScopeCount += 1;
101
+ }
102
+ });
103
+ return this.scopes.size === defaultScopeCount;
104
+ }
105
+ /**
106
+ * Appends single scope if passed
107
+ * @param newScope
108
+ */
109
+ appendScope(newScope) {
110
+ if (newScope) {
111
+ this.scopes.add(newScope.trim());
112
+ }
113
+ }
114
+ /**
115
+ * Appends multiple scopes if passed
116
+ * @param newScopes
117
+ */
118
+ appendScopes(newScopes) {
119
+ try {
120
+ newScopes.forEach((newScope) => this.appendScope(newScope));
121
+ }
122
+ catch (e) {
123
+ throw createClientAuthError(cannotAppendScopeSet);
124
+ }
125
+ }
126
+ /**
127
+ * Removes element from set of scopes.
128
+ * @param scope
129
+ */
130
+ removeScope(scope) {
131
+ if (!scope) {
132
+ throw createClientAuthError(cannotRemoveEmptyScope);
133
+ }
134
+ this.scopes.delete(scope.trim());
135
+ }
136
+ /**
137
+ * Removes default scopes from set of scopes
138
+ * Primarily used to prevent cache misses if the default scopes are not returned from the server
139
+ */
140
+ removeOIDCScopes() {
141
+ OIDC_SCOPES.forEach((defaultScope) => {
142
+ this.scopes.delete(defaultScope);
143
+ });
144
+ }
145
+ /**
146
+ * Combines an array of scopes with the current set of scopes.
147
+ * @param otherScopes
148
+ */
149
+ unionScopeSets(otherScopes) {
150
+ if (!otherScopes) {
151
+ throw createClientAuthError(emptyInputScopeSet);
152
+ }
153
+ const unionScopes = new Set(); // Iterator in constructor not supported in IE11
154
+ otherScopes.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
155
+ this.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
156
+ return unionScopes;
157
+ }
158
+ /**
159
+ * Check if scopes intersect between this set and another.
160
+ * @param otherScopes
161
+ */
162
+ intersectingScopeSets(otherScopes) {
163
+ if (!otherScopes) {
164
+ throw createClientAuthError(emptyInputScopeSet);
165
+ }
166
+ // Do not allow OIDC scopes to be the only intersecting scopes
167
+ if (!otherScopes.containsOnlyOIDCScopes()) {
168
+ otherScopes.removeOIDCScopes();
169
+ }
170
+ const unionScopes = this.unionScopeSets(otherScopes);
171
+ const sizeOtherScopes = otherScopes.getScopeCount();
172
+ const sizeThisScopes = this.getScopeCount();
173
+ const sizeUnionScopes = unionScopes.size;
174
+ return sizeUnionScopes < sizeThisScopes + sizeOtherScopes;
175
+ }
176
+ /**
177
+ * Returns size of set of scopes.
178
+ */
179
+ getScopeCount() {
180
+ return this.scopes.size;
181
+ }
182
+ /**
183
+ * Returns the scopes as an array of string values
184
+ */
185
+ asArray() {
186
+ const array = [];
187
+ this.scopes.forEach((val) => array.push(val));
188
+ return array;
189
+ }
190
+ /**
191
+ * Prints scopes into a space-delimited string
192
+ */
193
+ printScopes() {
194
+ if (this.scopes) {
195
+ const scopeArr = this.asArray();
196
+ return scopeArr.join(" ");
197
+ }
198
+ return Constants.EMPTY_STRING;
199
+ }
200
+ /**
201
+ * Prints scopes into a space-delimited lower-case string (used for caching)
202
+ */
203
+ printScopesLowerCase() {
204
+ return this.printScopes().toLowerCase();
205
+ }
206
206
  }
207
207
 
208
208
  export { ScopeSet };
@@ -1,9 +1,9 @@
1
- /**
2
- * Controls whether tokens should be stored in the cache or not. If set to false, tokens may still be acquired and returned but will not be cached for later retrieval.
3
- */
4
- export type StoreInCache = {
5
- accessToken?: boolean;
6
- idToken?: boolean;
7
- refreshToken?: boolean;
8
- };
1
+ /**
2
+ * Controls whether tokens should be stored in the cache or not. If set to false, tokens may still be acquired and returned but will not be cached for later retrieval.
3
+ */
4
+ export type StoreInCache = {
5
+ accessToken?: boolean;
6
+ idToken?: boolean;
7
+ refreshToken?: boolean;
8
+ };
9
9
  //# sourceMappingURL=StoreInCache.d.ts.map
@@ -1,42 +1,42 @@
1
- import { AccountInfo } from "../account/AccountInfo";
2
- /**
3
- * Result returned from the authority's token endpoint.
4
- * - uniqueId - `oid` or `sub` claim from ID token
5
- * - tenantId - `tid` claim from ID token
6
- * - scopes - Scopes that are validated for the respective token
7
- * - account - An account object representation of the currently signed-in user
8
- * - idToken - Id token received as part of the response
9
- * - idTokenClaims - MSAL-relevant ID token claims
10
- * - accessToken - Access token or SSH certificate received as part of the response
11
- * - fromCache - Boolean denoting whether token came from cache
12
- * - expiresOn - Javascript Date object representing relative expiration of access token
13
- * - extExpiresOn - Javascript Date object representing extended relative expiration of access token in case of server outage
14
- * - refreshOn - Javascript Date object representing relative time until an access token must be refreshed
15
- * - state - Value passed in by user in request
16
- * - familyId - Family ID identifier, usually only used for refresh tokens
17
- * - requestId - Request ID returned as part of the response
18
- */
19
- export type AuthenticationResult = {
20
- authority: string;
21
- uniqueId: string;
22
- tenantId: string;
23
- scopes: Array<string>;
24
- account: AccountInfo | null;
25
- idToken: string;
26
- idTokenClaims: object;
27
- accessToken: string;
28
- fromCache: boolean;
29
- expiresOn: Date | null;
30
- extExpiresOn?: Date;
31
- refreshOn?: Date;
32
- tokenType: string;
33
- correlationId: string;
34
- requestId?: string;
35
- state?: string;
36
- familyId?: string;
37
- cloudGraphHostName?: string;
38
- msGraphHost?: string;
39
- code?: string;
40
- fromNativeBroker?: boolean;
41
- };
1
+ import { AccountInfo } from "../account/AccountInfo";
2
+ /**
3
+ * Result returned from the authority's token endpoint.
4
+ * - uniqueId - `oid` or `sub` claim from ID token
5
+ * - tenantId - `tid` claim from ID token
6
+ * - scopes - Scopes that are validated for the respective token
7
+ * - account - An account object representation of the currently signed-in user
8
+ * - idToken - Id token received as part of the response
9
+ * - idTokenClaims - MSAL-relevant ID token claims
10
+ * - accessToken - Access token or SSH certificate received as part of the response
11
+ * - fromCache - Boolean denoting whether token came from cache
12
+ * - expiresOn - Javascript Date object representing relative expiration of access token
13
+ * - extExpiresOn - Javascript Date object representing extended relative expiration of access token in case of server outage
14
+ * - refreshOn - Javascript Date object representing relative time until an access token must be refreshed
15
+ * - state - Value passed in by user in request
16
+ * - familyId - Family ID identifier, usually only used for refresh tokens
17
+ * - requestId - Request ID returned as part of the response
18
+ */
19
+ export type AuthenticationResult = {
20
+ authority: string;
21
+ uniqueId: string;
22
+ tenantId: string;
23
+ scopes: Array<string>;
24
+ account: AccountInfo | null;
25
+ idToken: string;
26
+ idTokenClaims: object;
27
+ accessToken: string;
28
+ fromCache: boolean;
29
+ expiresOn: Date | null;
30
+ extExpiresOn?: Date;
31
+ refreshOn?: Date;
32
+ tokenType: string;
33
+ correlationId: string;
34
+ requestId?: string;
35
+ state?: string;
36
+ familyId?: string;
37
+ cloudGraphHostName?: string;
38
+ msGraphHost?: string;
39
+ code?: string;
40
+ fromNativeBroker?: boolean;
41
+ };
42
42
  //# sourceMappingURL=AuthenticationResult.d.ts.map
@@ -1,14 +1,14 @@
1
- /**
2
- * Response returned after processing the code response query string or fragment.
3
- */
4
- export type AuthorizationCodePayload = {
5
- code: string;
6
- cloud_instance_name?: string;
7
- cloud_instance_host_name?: string;
8
- cloud_graph_host_name?: string;
9
- msgraph_host?: string;
10
- state?: string;
11
- nonce?: string;
12
- client_info?: string;
13
- };
1
+ /**
2
+ * Response returned after processing the code response query string or fragment.
3
+ */
4
+ export type AuthorizationCodePayload = {
5
+ code: string;
6
+ cloud_instance_name?: string;
7
+ cloud_instance_host_name?: string;
8
+ cloud_graph_host_name?: string;
9
+ msgraph_host?: string;
10
+ state?: string;
11
+ nonce?: string;
12
+ client_info?: string;
13
+ };
14
14
  //# sourceMappingURL=AuthorizationCodePayload.d.ts.map
@@ -1,26 +1,26 @@
1
- /**
2
- * DeviceCode returned by the security token service device code endpoint containing information necessary for device code flow.
3
- * - userCode: code which user needs to provide when authenticating at the verification URI
4
- * - deviceCode: code which should be included in the request for the access token
5
- * - verificationUri: URI where user can authenticate
6
- * - expiresIn: expiration time of the device code in seconds
7
- * - interval: interval at which the STS should be polled at
8
- * - message: message which should be displayed to the user
9
- */
10
- export type DeviceCodeResponse = {
11
- userCode: string;
12
- deviceCode: string;
13
- verificationUri: string;
14
- expiresIn: number;
15
- interval: number;
16
- message: string;
17
- };
18
- export type ServerDeviceCodeResponse = {
19
- user_code: string;
20
- device_code: string;
21
- verification_uri: string;
22
- expires_in: number;
23
- interval: number;
24
- message: string;
25
- };
1
+ /**
2
+ * DeviceCode returned by the security token service device code endpoint containing information necessary for device code flow.
3
+ * - userCode: code which user needs to provide when authenticating at the verification URI
4
+ * - deviceCode: code which should be included in the request for the access token
5
+ * - verificationUri: URI where user can authenticate
6
+ * - expiresIn: expiration time of the device code in seconds
7
+ * - interval: interval at which the STS should be polled at
8
+ * - message: message which should be displayed to the user
9
+ */
10
+ export type DeviceCodeResponse = {
11
+ userCode: string;
12
+ deviceCode: string;
13
+ verificationUri: string;
14
+ expiresIn: number;
15
+ interval: number;
16
+ message: string;
17
+ };
18
+ export type ServerDeviceCodeResponse = {
19
+ user_code: string;
20
+ device_code: string;
21
+ verification_uri: string;
22
+ expires_in: number;
23
+ interval: number;
24
+ message: string;
25
+ };
26
26
  //# sourceMappingURL=DeviceCodeResponse.d.ts.map
@@ -1,16 +1,16 @@
1
- import { ServerAuthorizationTokenResponse } from "./ServerAuthorizationTokenResponse";
2
- /**
3
- * Response object used for loading external tokens to cache.
4
- * - token_type: Indicates the token type value. The only type that Azure AD supports is Bearer.
5
- * - scope: The scopes that the access_token is valid for.
6
- * - expires_in: How long the access token is valid (in seconds).
7
- * - id_token: A JSON Web Token (JWT). The app can decode the segments of this token to request information about the user who signed in.
8
- * - refresh_token: An OAuth 2.0 refresh token. The app can use this token acquire additional access tokens after the current access token expires.
9
- * - access_token: The requested access token. The app can use this token to authenticate to the secured resource, such as a web API.
10
- * - client_info: Client info object
11
- */
12
- export type ExternalTokenResponse = Pick<ServerAuthorizationTokenResponse, "token_type" | "scope" | "expires_in" | "ext_expires_in" | "id_token" | "refresh_token" | "refresh_token_expires_in" | "foci"> & {
13
- access_token?: string;
14
- client_info?: string;
15
- };
1
+ import { ServerAuthorizationTokenResponse } from "./ServerAuthorizationTokenResponse";
2
+ /**
3
+ * Response object used for loading external tokens to cache.
4
+ * - token_type: Indicates the token type value. The only type that Azure AD supports is Bearer.
5
+ * - scope: The scopes that the access_token is valid for.
6
+ * - expires_in: How long the access token is valid (in seconds).
7
+ * - id_token: A JSON Web Token (JWT). The app can decode the segments of this token to request information about the user who signed in.
8
+ * - refresh_token: An OAuth 2.0 refresh token. The app can use this token acquire additional access tokens after the current access token expires.
9
+ * - access_token: The requested access token. The app can use this token to authenticate to the secured resource, such as a web API.
10
+ * - client_info: Client info object
11
+ */
12
+ export type ExternalTokenResponse = Pick<ServerAuthorizationTokenResponse, "token_type" | "scope" | "expires_in" | "ext_expires_in" | "id_token" | "refresh_token" | "refresh_token_expires_in" | "foci"> & {
13
+ access_token?: string;
14
+ client_info?: string;
15
+ };
16
16
  //# sourceMappingURL=ExternalTokenResponse.d.ts.map
@@ -1,5 +1,5 @@
1
- export type IMDSBadResponse = {
2
- error: string;
3
- "newest-versions": Array<string>;
4
- };
1
+ export type IMDSBadResponse = {
2
+ error: string;
3
+ "newest-versions": Array<string>;
4
+ };
5
5
  //# sourceMappingURL=IMDSBadResponse.d.ts.map