@azure/msal-common 14.14.0 → 14.14.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +66 -66
- package/dist/account/AccountInfo.mjs +77 -77
- package/dist/account/AuthToken.d.ts +17 -17
- package/dist/account/AuthToken.mjs +58 -58
- package/dist/account/CcsCredential.d.ts +9 -9
- package/dist/account/CcsCredential.mjs +8 -8
- package/dist/account/ClientCredentials.d.ts +19 -19
- package/dist/account/ClientInfo.d.ts +18 -18
- package/dist/account/ClientInfo.mjs +37 -37
- package/dist/account/TokenClaims.d.ts +83 -83
- package/dist/account/TokenClaims.mjs +20 -20
- package/dist/authority/Authority.d.ts +254 -254
- package/dist/authority/Authority.mjs +836 -836
- package/dist/authority/AuthorityFactory.d.ts +18 -18
- package/dist/authority/AuthorityFactory.mjs +28 -28
- package/dist/authority/AuthorityMetadata.d.ts +43 -43
- package/dist/authority/AuthorityMetadata.mjs +137 -137
- package/dist/authority/AuthorityOptions.d.ts +27 -27
- package/dist/authority/AuthorityOptions.mjs +18 -18
- package/dist/authority/AuthorityType.d.ts +10 -10
- package/dist/authority/AuthorityType.mjs +13 -13
- package/dist/authority/AzureRegion.d.ts +1 -1
- package/dist/authority/AzureRegionConfiguration.d.ts +5 -5
- package/dist/authority/CloudDiscoveryMetadata.d.ts +5 -5
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +13 -13
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +8 -8
- package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +9 -9
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +8 -8
- package/dist/authority/ImdsOptions.d.ts +5 -5
- package/dist/authority/OIDCOptions.d.ts +8 -8
- package/dist/authority/OpenIdConfigResponse.d.ts +11 -11
- package/dist/authority/OpenIdConfigResponse.mjs +10 -10
- package/dist/authority/ProtocolMode.d.ts +8 -8
- package/dist/authority/ProtocolMode.mjs +11 -11
- package/dist/authority/RegionDiscovery.d.ts +32 -32
- package/dist/authority/RegionDiscovery.mjs +106 -106
- package/dist/authority/RegionDiscoveryMetadata.d.ts +6 -6
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +15 -15
- package/dist/cache/CacheManager.d.ts +497 -497
- package/dist/cache/CacheManager.mjs +1249 -1249
- package/dist/cache/entities/AccessTokenEntity.d.ts +25 -25
- package/dist/cache/entities/AccountEntity.d.ts +106 -106
- package/dist/cache/entities/AccountEntity.mjs +240 -240
- package/dist/cache/entities/AppMetadataEntity.d.ts +11 -11
- package/dist/cache/entities/AuthorityMetadataEntity.d.ts +15 -15
- package/dist/cache/entities/CacheRecord.d.ts +13 -13
- package/dist/cache/entities/CredentialEntity.d.ts +30 -30
- package/dist/cache/entities/IdTokenEntity.d.ts +8 -8
- package/dist/cache/entities/RefreshTokenEntity.d.ts +7 -7
- package/dist/cache/entities/ServerTelemetryEntity.d.ts +6 -6
- package/dist/cache/entities/ThrottlingEntity.d.ts +7 -7
- package/dist/cache/interface/ICacheManager.d.ts +166 -166
- package/dist/cache/interface/ICachePlugin.d.ts +5 -5
- package/dist/cache/interface/ISerializableTokenCache.d.ts +4 -4
- package/dist/cache/persistence/TokenCacheContext.d.ts +23 -23
- package/dist/cache/persistence/TokenCacheContext.mjs +25 -25
- package/dist/cache/utils/CacheHelpers.d.ts +94 -94
- package/dist/cache/utils/CacheHelpers.mjs +324 -324
- package/dist/cache/utils/CacheTypes.d.ts +69 -69
- package/dist/client/AuthorizationCodeClient.d.ts +74 -74
- package/dist/client/AuthorizationCodeClient.mjs +420 -420
- package/dist/client/BaseClient.d.ts +51 -51
- package/dist/client/BaseClient.mjs +100 -100
- package/dist/client/RefreshTokenClient.d.ts +35 -35
- package/dist/client/RefreshTokenClient.mjs +211 -211
- package/dist/client/SilentFlowClient.d.ts +27 -27
- package/dist/client/SilentFlowClient.mjs +133 -133
- package/dist/config/AppTokenProvider.d.ts +38 -38
- package/dist/config/ClientConfiguration.d.ts +150 -150
- package/dist/config/ClientConfiguration.mjs +95 -95
- package/dist/constants/AADServerParamKeys.d.ts +53 -53
- package/dist/constants/AADServerParamKeys.mjs +57 -57
- package/dist/crypto/ICrypto.d.ts +68 -68
- package/dist/crypto/ICrypto.mjs +36 -36
- package/dist/crypto/IGuidGenerator.d.ts +4 -4
- package/dist/crypto/JoseHeader.d.ts +22 -22
- package/dist/crypto/JoseHeader.mjs +37 -37
- package/dist/crypto/PopTokenGenerator.d.ts +59 -59
- package/dist/crypto/PopTokenGenerator.mjs +81 -81
- package/dist/crypto/SignedHttpRequest.d.ts +15 -15
- package/dist/error/AuthError.d.ts +44 -44
- package/dist/error/AuthError.mjs +46 -46
- package/dist/error/AuthErrorCodes.d.ts +5 -5
- package/dist/error/AuthErrorCodes.mjs +9 -9
- package/dist/error/CacheError.d.ts +20 -20
- package/dist/error/CacheError.mjs +24 -24
- package/dist/error/CacheErrorCodes.d.ts +2 -2
- package/dist/error/CacheErrorCodes.mjs +6 -6
- package/dist/error/ClientAuthError.d.ts +237 -237
- package/dist/error/ClientAuthError.mjs +249 -249
- package/dist/error/ClientAuthErrorCodes.d.ts +44 -44
- package/dist/error/ClientAuthErrorCodes.mjs +48 -48
- package/dist/error/ClientConfigurationError.d.ts +128 -128
- package/dist/error/ClientConfigurationError.mjs +135 -135
- package/dist/error/ClientConfigurationErrorCodes.d.ts +22 -22
- package/dist/error/ClientConfigurationErrorCodes.mjs +26 -26
- package/dist/error/InteractionRequiredAuthError.d.ts +65 -65
- package/dist/error/InteractionRequiredAuthError.mjs +85 -85
- package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +7 -7
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +13 -13
- package/dist/error/JoseHeaderError.d.ts +15 -15
- package/dist/error/JoseHeaderError.mjs +22 -22
- package/dist/error/JoseHeaderErrorCodes.d.ts +2 -2
- package/dist/error/JoseHeaderErrorCodes.mjs +6 -6
- package/dist/error/ServerError.d.ts +15 -15
- package/dist/error/ServerError.mjs +16 -16
- package/dist/index.cjs +8658 -8658
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +107 -107
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.d.ts +95 -95
- package/dist/logger/Logger.mjs +188 -188
- package/dist/network/INetworkModule.d.ts +29 -29
- package/dist/network/INetworkModule.mjs +12 -12
- package/dist/network/NetworkManager.d.ts +33 -33
- package/dist/network/NetworkManager.mjs +34 -34
- package/dist/network/RequestThumbprint.d.ts +18 -18
- package/dist/network/ThrottlingUtils.d.ts +42 -42
- package/dist/network/ThrottlingUtils.mjs +95 -95
- package/dist/packageMetadata.d.ts +2 -2
- package/dist/packageMetadata.mjs +4 -4
- package/dist/request/AuthenticationHeaderParser.d.ts +19 -19
- package/dist/request/AuthenticationHeaderParser.mjs +55 -55
- package/dist/request/BaseAuthRequest.d.ts +47 -47
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +27 -27
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +50 -50
- package/dist/request/CommonClientCredentialRequest.d.ts +17 -17
- package/dist/request/CommonDeviceCodeRequest.d.ts +21 -21
- package/dist/request/CommonEndSessionRequest.d.ts +21 -21
- package/dist/request/CommonOnBehalfOfRequest.d.ts +13 -13
- package/dist/request/CommonRefreshTokenRequest.d.ts +22 -22
- package/dist/request/CommonSilentFlowRequest.d.ts +27 -27
- package/dist/request/CommonUsernamePasswordRequest.d.ts +17 -17
- package/dist/request/NativeRequest.d.ts +19 -19
- package/dist/request/NativeSignOutRequest.d.ts +5 -5
- package/dist/request/RequestParameterBuilder.d.ts +217 -217
- package/dist/request/RequestParameterBuilder.mjs +382 -382
- package/dist/request/RequestValidator.d.ts +27 -27
- package/dist/request/RequestValidator.mjs +64 -64
- package/dist/request/ScopeSet.d.ts +88 -88
- package/dist/request/ScopeSet.mjs +197 -197
- package/dist/request/StoreInCache.d.ts +8 -8
- package/dist/response/AuthenticationResult.d.ts +41 -41
- package/dist/response/AuthorizationCodePayload.d.ts +13 -13
- package/dist/response/DeviceCodeResponse.d.ts +25 -25
- package/dist/response/ExternalTokenResponse.d.ts +15 -15
- package/dist/response/IMDSBadResponse.d.ts +4 -4
- package/dist/response/ResponseHandler.d.ts +69 -69
- package/dist/response/ResponseHandler.mjs +374 -374
- package/dist/response/ServerAuthorizationCodeResponse.d.ts +26 -26
- package/dist/response/ServerAuthorizationTokenResponse.d.ts +47 -47
- package/dist/telemetry/performance/IPerformanceClient.d.ts +57 -57
- package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +5 -5
- package/dist/telemetry/performance/PerformanceClient.d.ts +242 -242
- package/dist/telemetry/performance/PerformanceClient.mjs +587 -587
- package/dist/telemetry/performance/PerformanceEvent.d.ts +511 -505
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +480 -480
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +24 -24
- package/dist/telemetry/performance/StubPerformanceClient.mjs +76 -76
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +78 -78
- package/dist/telemetry/server/ServerTelemetryManager.mjs +260 -260
- package/dist/telemetry/server/ServerTelemetryRequest.d.ts +8 -8
- package/dist/url/IUri.d.ts +12 -12
- package/dist/url/UrlString.d.ts +48 -48
- package/dist/url/UrlString.mjs +161 -161
- package/dist/utils/ClientAssertionUtils.d.ts +2 -2
- package/dist/utils/ClientAssertionUtils.mjs +16 -16
- package/dist/utils/Constants.d.ts +309 -309
- package/dist/utils/Constants.mjs +322 -322
- package/dist/utils/FunctionWrappers.d.ts +27 -27
- package/dist/utils/FunctionWrappers.mjs +94 -94
- package/dist/utils/MsalTypes.d.ts +6 -6
- package/dist/utils/ProtocolUtils.d.ts +42 -42
- package/dist/utils/ProtocolUtils.mjs +69 -69
- package/dist/utils/StringUtils.d.ts +40 -40
- package/dist/utils/StringUtils.mjs +95 -95
- package/dist/utils/TimeUtils.d.ts +25 -25
- package/dist/utils/TimeUtils.mjs +43 -43
- package/dist/utils/UrlUtils.d.ts +10 -10
- package/dist/utils/UrlUtils.mjs +44 -44
- package/package.json +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/performance/PerformanceEvent.ts +7 -0
package/dist/utils/Constants.mjs
CHANGED
|
@@ -1,326 +1,326 @@
|
|
|
1
|
-
/*! @azure/msal-common v14.14.
|
|
1
|
+
/*! @azure/msal-common v14.14.2 2024-08-28 */
|
|
2
2
|
'use strict';
|
|
3
|
-
/*
|
|
4
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5
|
-
* Licensed under the MIT License.
|
|
6
|
-
*/
|
|
7
|
-
const Constants = {
|
|
8
|
-
LIBRARY_NAME: "MSAL.JS",
|
|
9
|
-
SKU: "msal.js.common",
|
|
10
|
-
// Prefix for all library cache entries
|
|
11
|
-
CACHE_PREFIX: "msal",
|
|
12
|
-
// default authority
|
|
13
|
-
DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
|
|
14
|
-
DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
|
|
15
|
-
DEFAULT_COMMON_TENANT: "common",
|
|
16
|
-
// ADFS String
|
|
17
|
-
ADFS: "adfs",
|
|
18
|
-
DSTS: "dstsv2",
|
|
19
|
-
// Default AAD Instance Discovery Endpoint
|
|
20
|
-
AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
|
|
21
|
-
// CIAM URL
|
|
22
|
-
CIAM_AUTH_URL: ".ciamlogin.com",
|
|
23
|
-
AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
|
|
24
|
-
// Resource delimiter - used for certain cache entries
|
|
25
|
-
RESOURCE_DELIM: "|",
|
|
26
|
-
// Placeholder for non-existent account ids/objects
|
|
27
|
-
NO_ACCOUNT: "NO_ACCOUNT",
|
|
28
|
-
// Claims
|
|
29
|
-
CLAIMS: "claims",
|
|
30
|
-
// Consumer UTID
|
|
31
|
-
CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
|
|
32
|
-
// Default scopes
|
|
33
|
-
OPENID_SCOPE: "openid",
|
|
34
|
-
PROFILE_SCOPE: "profile",
|
|
35
|
-
OFFLINE_ACCESS_SCOPE: "offline_access",
|
|
36
|
-
EMAIL_SCOPE: "email",
|
|
37
|
-
// Default response type for authorization code flow
|
|
38
|
-
CODE_RESPONSE_TYPE: "code",
|
|
39
|
-
CODE_GRANT_TYPE: "authorization_code",
|
|
40
|
-
RT_GRANT_TYPE: "refresh_token",
|
|
41
|
-
FRAGMENT_RESPONSE_MODE: "fragment",
|
|
42
|
-
S256_CODE_CHALLENGE_METHOD: "S256",
|
|
43
|
-
URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
|
|
44
|
-
AUTHORIZATION_PENDING: "authorization_pending",
|
|
45
|
-
NOT_DEFINED: "not_defined",
|
|
46
|
-
EMPTY_STRING: "",
|
|
47
|
-
NOT_APPLICABLE: "N/A",
|
|
48
|
-
NOT_AVAILABLE: "Not Available",
|
|
49
|
-
FORWARD_SLASH: "/",
|
|
50
|
-
IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
|
|
51
|
-
IMDS_VERSION: "2020-06-01",
|
|
52
|
-
IMDS_TIMEOUT: 2000,
|
|
53
|
-
AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
|
|
54
|
-
REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
|
|
55
|
-
KNOWN_PUBLIC_CLOUDS: [
|
|
56
|
-
"login.microsoftonline.com",
|
|
57
|
-
"login.windows.net",
|
|
58
|
-
"login.microsoft.com",
|
|
59
|
-
"sts.windows.net",
|
|
60
|
-
],
|
|
61
|
-
TOKEN_RESPONSE_TYPE: "token",
|
|
62
|
-
ID_TOKEN_RESPONSE_TYPE: "id_token",
|
|
63
|
-
SHR_NONCE_VALIDITY: 240,
|
|
64
|
-
INVALID_INSTANCE: "invalid_instance",
|
|
65
|
-
};
|
|
66
|
-
const HttpStatus = {
|
|
67
|
-
SUCCESS: 200,
|
|
68
|
-
SUCCESS_RANGE_START: 200,
|
|
69
|
-
SUCCESS_RANGE_END: 299,
|
|
70
|
-
REDIRECT: 302,
|
|
71
|
-
CLIENT_ERROR: 400,
|
|
72
|
-
CLIENT_ERROR_RANGE_START: 400,
|
|
73
|
-
BAD_REQUEST: 400,
|
|
74
|
-
UNAUTHORIZED: 401,
|
|
75
|
-
NOT_FOUND: 404,
|
|
76
|
-
REQUEST_TIMEOUT: 408,
|
|
77
|
-
TOO_MANY_REQUESTS: 429,
|
|
78
|
-
CLIENT_ERROR_RANGE_END: 499,
|
|
79
|
-
SERVER_ERROR: 500,
|
|
80
|
-
SERVER_ERROR_RANGE_START: 500,
|
|
81
|
-
SERVICE_UNAVAILABLE: 503,
|
|
82
|
-
GATEWAY_TIMEOUT: 504,
|
|
83
|
-
SERVER_ERROR_RANGE_END: 599,
|
|
84
|
-
MULTI_SIDED_ERROR: 600,
|
|
85
|
-
};
|
|
86
|
-
const OIDC_DEFAULT_SCOPES = [
|
|
87
|
-
Constants.OPENID_SCOPE,
|
|
88
|
-
Constants.PROFILE_SCOPE,
|
|
89
|
-
Constants.OFFLINE_ACCESS_SCOPE,
|
|
90
|
-
];
|
|
91
|
-
const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
|
|
92
|
-
/**
|
|
93
|
-
* Request header names
|
|
94
|
-
*/
|
|
95
|
-
const HeaderNames = {
|
|
96
|
-
CONTENT_TYPE: "Content-Type",
|
|
97
|
-
RETRY_AFTER: "Retry-After",
|
|
98
|
-
CCS_HEADER: "X-AnchorMailbox",
|
|
99
|
-
WWWAuthenticate: "WWW-Authenticate",
|
|
100
|
-
AuthenticationInfo: "Authentication-Info",
|
|
101
|
-
X_MS_REQUEST_ID: "x-ms-request-id",
|
|
102
|
-
X_MS_HTTP_VERSION: "x-ms-httpver",
|
|
103
|
-
};
|
|
104
|
-
/**
|
|
105
|
-
* Persistent cache keys MSAL which stay while user is logged in.
|
|
106
|
-
*/
|
|
107
|
-
const PersistentCacheKeys = {
|
|
108
|
-
ID_TOKEN: "idtoken",
|
|
109
|
-
CLIENT_INFO: "client.info",
|
|
110
|
-
ADAL_ID_TOKEN: "adal.idtoken",
|
|
111
|
-
ERROR: "error",
|
|
112
|
-
ERROR_DESC: "error.description",
|
|
113
|
-
ACTIVE_ACCOUNT: "active-account",
|
|
114
|
-
ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
|
|
115
|
-
};
|
|
116
|
-
/**
|
|
117
|
-
* String constants related to AAD Authority
|
|
118
|
-
*/
|
|
119
|
-
const AADAuthorityConstants = {
|
|
120
|
-
COMMON: "common",
|
|
121
|
-
ORGANIZATIONS: "organizations",
|
|
122
|
-
CONSUMERS: "consumers",
|
|
123
|
-
};
|
|
124
|
-
/**
|
|
125
|
-
* Claims request keys
|
|
126
|
-
*/
|
|
127
|
-
const ClaimsRequestKeys = {
|
|
128
|
-
ACCESS_TOKEN: "access_token",
|
|
129
|
-
XMS_CC: "xms_cc",
|
|
130
|
-
};
|
|
131
|
-
/**
|
|
132
|
-
* we considered making this "enum" in the request instead of string, however it looks like the allowed list of
|
|
133
|
-
* prompt values kept changing over past couple of years. There are some undocumented prompt values for some
|
|
134
|
-
* internal partners too, hence the choice of generic "string" type instead of the "enum"
|
|
135
|
-
*/
|
|
136
|
-
const PromptValue = {
|
|
137
|
-
LOGIN: "login",
|
|
138
|
-
SELECT_ACCOUNT: "select_account",
|
|
139
|
-
CONSENT: "consent",
|
|
140
|
-
NONE: "none",
|
|
141
|
-
CREATE: "create",
|
|
142
|
-
NO_SESSION: "no_session",
|
|
143
|
-
};
|
|
144
|
-
/**
|
|
145
|
-
* allowed values for codeVerifier
|
|
146
|
-
*/
|
|
147
|
-
const CodeChallengeMethodValues = {
|
|
148
|
-
PLAIN: "plain",
|
|
149
|
-
S256: "S256",
|
|
150
|
-
};
|
|
151
|
-
/**
|
|
152
|
-
* allowed values for server response type
|
|
153
|
-
*/
|
|
154
|
-
const ServerResponseType = {
|
|
155
|
-
QUERY: "query",
|
|
156
|
-
FRAGMENT: "fragment",
|
|
157
|
-
};
|
|
158
|
-
/**
|
|
159
|
-
* allowed values for response_mode
|
|
160
|
-
*/
|
|
161
|
-
const ResponseMode = {
|
|
162
|
-
...ServerResponseType,
|
|
163
|
-
FORM_POST: "form_post",
|
|
164
|
-
};
|
|
165
|
-
/**
|
|
166
|
-
* allowed grant_type
|
|
167
|
-
*/
|
|
168
|
-
const GrantType = {
|
|
169
|
-
IMPLICIT_GRANT: "implicit",
|
|
170
|
-
AUTHORIZATION_CODE_GRANT: "authorization_code",
|
|
171
|
-
CLIENT_CREDENTIALS_GRANT: "client_credentials",
|
|
172
|
-
RESOURCE_OWNER_PASSWORD_GRANT: "password",
|
|
173
|
-
REFRESH_TOKEN_GRANT: "refresh_token",
|
|
174
|
-
DEVICE_CODE_GRANT: "device_code",
|
|
175
|
-
JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
|
|
176
|
-
};
|
|
177
|
-
/**
|
|
178
|
-
* Account types in Cache
|
|
179
|
-
*/
|
|
180
|
-
const CacheAccountType = {
|
|
181
|
-
MSSTS_ACCOUNT_TYPE: "MSSTS",
|
|
182
|
-
ADFS_ACCOUNT_TYPE: "ADFS",
|
|
183
|
-
MSAV1_ACCOUNT_TYPE: "MSA",
|
|
184
|
-
GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
|
|
185
|
-
};
|
|
186
|
-
/**
|
|
187
|
-
* Separators used in cache
|
|
188
|
-
*/
|
|
189
|
-
const Separators = {
|
|
190
|
-
CACHE_KEY_SEPARATOR: "-",
|
|
191
|
-
CLIENT_INFO_SEPARATOR: ".",
|
|
192
|
-
};
|
|
193
|
-
/**
|
|
194
|
-
* Credential Type stored in the cache
|
|
195
|
-
*/
|
|
196
|
-
const CredentialType = {
|
|
197
|
-
ID_TOKEN: "IdToken",
|
|
198
|
-
ACCESS_TOKEN: "AccessToken",
|
|
199
|
-
ACCESS_TOKEN_WITH_AUTH_SCHEME: "AccessToken_With_AuthScheme",
|
|
200
|
-
REFRESH_TOKEN: "RefreshToken",
|
|
201
|
-
};
|
|
202
|
-
/**
|
|
203
|
-
* Combine all cache types
|
|
204
|
-
*/
|
|
205
|
-
const CacheType = {
|
|
206
|
-
ADFS: 1001,
|
|
207
|
-
MSA: 1002,
|
|
208
|
-
MSSTS: 1003,
|
|
209
|
-
GENERIC: 1004,
|
|
210
|
-
ACCESS_TOKEN: 2001,
|
|
211
|
-
REFRESH_TOKEN: 2002,
|
|
212
|
-
ID_TOKEN: 2003,
|
|
213
|
-
APP_METADATA: 3001,
|
|
214
|
-
UNDEFINED: 9999,
|
|
215
|
-
};
|
|
216
|
-
/**
|
|
217
|
-
* More Cache related constants
|
|
218
|
-
*/
|
|
219
|
-
const APP_METADATA = "appmetadata";
|
|
220
|
-
const CLIENT_INFO = "client_info";
|
|
221
|
-
const THE_FAMILY_ID = "1";
|
|
222
|
-
const AUTHORITY_METADATA_CONSTANTS = {
|
|
223
|
-
CACHE_KEY: "authority-metadata",
|
|
224
|
-
REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours
|
|
225
|
-
};
|
|
226
|
-
const AuthorityMetadataSource = {
|
|
227
|
-
CONFIG: "config",
|
|
228
|
-
CACHE: "cache",
|
|
229
|
-
NETWORK: "network",
|
|
230
|
-
HARDCODED_VALUES: "hardcoded_values",
|
|
231
|
-
};
|
|
232
|
-
const SERVER_TELEM_CONSTANTS = {
|
|
233
|
-
SCHEMA_VERSION: 5,
|
|
234
|
-
MAX_CUR_HEADER_BYTES: 80,
|
|
235
|
-
MAX_LAST_HEADER_BYTES: 330,
|
|
236
|
-
MAX_CACHED_ERRORS: 50,
|
|
237
|
-
CACHE_KEY: "server-telemetry",
|
|
238
|
-
CATEGORY_SEPARATOR: "|",
|
|
239
|
-
VALUE_SEPARATOR: ",",
|
|
240
|
-
OVERFLOW_TRUE: "1",
|
|
241
|
-
OVERFLOW_FALSE: "0",
|
|
242
|
-
UNKNOWN_ERROR: "unknown_error",
|
|
243
|
-
};
|
|
244
|
-
/**
|
|
245
|
-
* Type of the authentication request
|
|
246
|
-
*/
|
|
247
|
-
const AuthenticationScheme = {
|
|
248
|
-
BEARER: "Bearer",
|
|
249
|
-
POP: "pop",
|
|
250
|
-
SSH: "ssh-cert",
|
|
251
|
-
};
|
|
252
|
-
/**
|
|
253
|
-
* Constants related to throttling
|
|
254
|
-
*/
|
|
255
|
-
const ThrottlingConstants = {
|
|
256
|
-
// Default time to throttle RequestThumbprint in seconds
|
|
257
|
-
DEFAULT_THROTTLE_TIME_SECONDS: 60,
|
|
258
|
-
// Default maximum time to throttle in seconds, overrides what the server sends back
|
|
259
|
-
DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,
|
|
260
|
-
// Prefix for storing throttling entries
|
|
261
|
-
THROTTLING_PREFIX: "throttling",
|
|
262
|
-
// Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling
|
|
263
|
-
X_MS_LIB_CAPABILITY_VALUE: "retry-after, h429",
|
|
264
|
-
};
|
|
265
|
-
const Errors = {
|
|
266
|
-
INVALID_GRANT_ERROR: "invalid_grant",
|
|
267
|
-
CLIENT_MISMATCH_ERROR: "client_mismatch",
|
|
268
|
-
};
|
|
269
|
-
/**
|
|
270
|
-
* Password grant parameters
|
|
271
|
-
*/
|
|
272
|
-
const PasswordGrantConstants = {
|
|
273
|
-
username: "username",
|
|
274
|
-
password: "password",
|
|
275
|
-
};
|
|
276
|
-
/**
|
|
277
|
-
* Response codes
|
|
278
|
-
*/
|
|
279
|
-
const ResponseCodes = {
|
|
280
|
-
httpSuccess: 200,
|
|
281
|
-
httpBadRequest: 400,
|
|
282
|
-
};
|
|
283
|
-
/**
|
|
284
|
-
* Region Discovery Sources
|
|
285
|
-
*/
|
|
286
|
-
const RegionDiscoverySources = {
|
|
287
|
-
FAILED_AUTO_DETECTION: "1",
|
|
288
|
-
INTERNAL_CACHE: "2",
|
|
289
|
-
ENVIRONMENT_VARIABLE: "3",
|
|
290
|
-
IMDS: "4",
|
|
291
|
-
};
|
|
292
|
-
/**
|
|
293
|
-
* Region Discovery Outcomes
|
|
294
|
-
*/
|
|
295
|
-
const RegionDiscoveryOutcomes = {
|
|
296
|
-
CONFIGURED_MATCHES_DETECTED: "1",
|
|
297
|
-
CONFIGURED_NO_AUTO_DETECTION: "2",
|
|
298
|
-
CONFIGURED_NOT_DETECTED: "3",
|
|
299
|
-
AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
|
|
300
|
-
AUTO_DETECTION_REQUESTED_FAILED: "5",
|
|
301
|
-
};
|
|
302
|
-
/**
|
|
303
|
-
* Specifies the reason for fetching the access token from the identity provider
|
|
304
|
-
*/
|
|
305
|
-
const CacheOutcome = {
|
|
306
|
-
// When a token is found in the cache or the cache is not supposed to be hit when making the request
|
|
307
|
-
NOT_APPLICABLE: "0",
|
|
308
|
-
// When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested
|
|
309
|
-
FORCE_REFRESH_OR_CLAIMS: "1",
|
|
310
|
-
// When the token request goes to the identity provider because no cached access token exists
|
|
311
|
-
NO_CACHED_ACCESS_TOKEN: "2",
|
|
312
|
-
// When the token request goes to the identity provider because cached access token expired
|
|
313
|
-
CACHED_ACCESS_TOKEN_EXPIRED: "3",
|
|
314
|
-
// When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed
|
|
315
|
-
PROACTIVELY_REFRESHED: "4",
|
|
316
|
-
};
|
|
317
|
-
const JsonWebTokenTypes = {
|
|
318
|
-
Jwt: "JWT",
|
|
319
|
-
Jwk: "JWK",
|
|
320
|
-
Pop: "pop",
|
|
321
|
-
};
|
|
322
|
-
const ONE_DAY_IN_MS = 86400000;
|
|
323
|
-
// Token renewal offset default in seconds
|
|
3
|
+
/*
|
|
4
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5
|
+
* Licensed under the MIT License.
|
|
6
|
+
*/
|
|
7
|
+
const Constants = {
|
|
8
|
+
LIBRARY_NAME: "MSAL.JS",
|
|
9
|
+
SKU: "msal.js.common",
|
|
10
|
+
// Prefix for all library cache entries
|
|
11
|
+
CACHE_PREFIX: "msal",
|
|
12
|
+
// default authority
|
|
13
|
+
DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
|
|
14
|
+
DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
|
|
15
|
+
DEFAULT_COMMON_TENANT: "common",
|
|
16
|
+
// ADFS String
|
|
17
|
+
ADFS: "adfs",
|
|
18
|
+
DSTS: "dstsv2",
|
|
19
|
+
// Default AAD Instance Discovery Endpoint
|
|
20
|
+
AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
|
|
21
|
+
// CIAM URL
|
|
22
|
+
CIAM_AUTH_URL: ".ciamlogin.com",
|
|
23
|
+
AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
|
|
24
|
+
// Resource delimiter - used for certain cache entries
|
|
25
|
+
RESOURCE_DELIM: "|",
|
|
26
|
+
// Placeholder for non-existent account ids/objects
|
|
27
|
+
NO_ACCOUNT: "NO_ACCOUNT",
|
|
28
|
+
// Claims
|
|
29
|
+
CLAIMS: "claims",
|
|
30
|
+
// Consumer UTID
|
|
31
|
+
CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
|
|
32
|
+
// Default scopes
|
|
33
|
+
OPENID_SCOPE: "openid",
|
|
34
|
+
PROFILE_SCOPE: "profile",
|
|
35
|
+
OFFLINE_ACCESS_SCOPE: "offline_access",
|
|
36
|
+
EMAIL_SCOPE: "email",
|
|
37
|
+
// Default response type for authorization code flow
|
|
38
|
+
CODE_RESPONSE_TYPE: "code",
|
|
39
|
+
CODE_GRANT_TYPE: "authorization_code",
|
|
40
|
+
RT_GRANT_TYPE: "refresh_token",
|
|
41
|
+
FRAGMENT_RESPONSE_MODE: "fragment",
|
|
42
|
+
S256_CODE_CHALLENGE_METHOD: "S256",
|
|
43
|
+
URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
|
|
44
|
+
AUTHORIZATION_PENDING: "authorization_pending",
|
|
45
|
+
NOT_DEFINED: "not_defined",
|
|
46
|
+
EMPTY_STRING: "",
|
|
47
|
+
NOT_APPLICABLE: "N/A",
|
|
48
|
+
NOT_AVAILABLE: "Not Available",
|
|
49
|
+
FORWARD_SLASH: "/",
|
|
50
|
+
IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
|
|
51
|
+
IMDS_VERSION: "2020-06-01",
|
|
52
|
+
IMDS_TIMEOUT: 2000,
|
|
53
|
+
AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
|
|
54
|
+
REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
|
|
55
|
+
KNOWN_PUBLIC_CLOUDS: [
|
|
56
|
+
"login.microsoftonline.com",
|
|
57
|
+
"login.windows.net",
|
|
58
|
+
"login.microsoft.com",
|
|
59
|
+
"sts.windows.net",
|
|
60
|
+
],
|
|
61
|
+
TOKEN_RESPONSE_TYPE: "token",
|
|
62
|
+
ID_TOKEN_RESPONSE_TYPE: "id_token",
|
|
63
|
+
SHR_NONCE_VALIDITY: 240,
|
|
64
|
+
INVALID_INSTANCE: "invalid_instance",
|
|
65
|
+
};
|
|
66
|
+
const HttpStatus = {
|
|
67
|
+
SUCCESS: 200,
|
|
68
|
+
SUCCESS_RANGE_START: 200,
|
|
69
|
+
SUCCESS_RANGE_END: 299,
|
|
70
|
+
REDIRECT: 302,
|
|
71
|
+
CLIENT_ERROR: 400,
|
|
72
|
+
CLIENT_ERROR_RANGE_START: 400,
|
|
73
|
+
BAD_REQUEST: 400,
|
|
74
|
+
UNAUTHORIZED: 401,
|
|
75
|
+
NOT_FOUND: 404,
|
|
76
|
+
REQUEST_TIMEOUT: 408,
|
|
77
|
+
TOO_MANY_REQUESTS: 429,
|
|
78
|
+
CLIENT_ERROR_RANGE_END: 499,
|
|
79
|
+
SERVER_ERROR: 500,
|
|
80
|
+
SERVER_ERROR_RANGE_START: 500,
|
|
81
|
+
SERVICE_UNAVAILABLE: 503,
|
|
82
|
+
GATEWAY_TIMEOUT: 504,
|
|
83
|
+
SERVER_ERROR_RANGE_END: 599,
|
|
84
|
+
MULTI_SIDED_ERROR: 600,
|
|
85
|
+
};
|
|
86
|
+
const OIDC_DEFAULT_SCOPES = [
|
|
87
|
+
Constants.OPENID_SCOPE,
|
|
88
|
+
Constants.PROFILE_SCOPE,
|
|
89
|
+
Constants.OFFLINE_ACCESS_SCOPE,
|
|
90
|
+
];
|
|
91
|
+
const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
|
|
92
|
+
/**
|
|
93
|
+
* Request header names
|
|
94
|
+
*/
|
|
95
|
+
const HeaderNames = {
|
|
96
|
+
CONTENT_TYPE: "Content-Type",
|
|
97
|
+
RETRY_AFTER: "Retry-After",
|
|
98
|
+
CCS_HEADER: "X-AnchorMailbox",
|
|
99
|
+
WWWAuthenticate: "WWW-Authenticate",
|
|
100
|
+
AuthenticationInfo: "Authentication-Info",
|
|
101
|
+
X_MS_REQUEST_ID: "x-ms-request-id",
|
|
102
|
+
X_MS_HTTP_VERSION: "x-ms-httpver",
|
|
103
|
+
};
|
|
104
|
+
/**
|
|
105
|
+
* Persistent cache keys MSAL which stay while user is logged in.
|
|
106
|
+
*/
|
|
107
|
+
const PersistentCacheKeys = {
|
|
108
|
+
ID_TOKEN: "idtoken",
|
|
109
|
+
CLIENT_INFO: "client.info",
|
|
110
|
+
ADAL_ID_TOKEN: "adal.idtoken",
|
|
111
|
+
ERROR: "error",
|
|
112
|
+
ERROR_DESC: "error.description",
|
|
113
|
+
ACTIVE_ACCOUNT: "active-account",
|
|
114
|
+
ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
|
|
115
|
+
};
|
|
116
|
+
/**
|
|
117
|
+
* String constants related to AAD Authority
|
|
118
|
+
*/
|
|
119
|
+
const AADAuthorityConstants = {
|
|
120
|
+
COMMON: "common",
|
|
121
|
+
ORGANIZATIONS: "organizations",
|
|
122
|
+
CONSUMERS: "consumers",
|
|
123
|
+
};
|
|
124
|
+
/**
|
|
125
|
+
* Claims request keys
|
|
126
|
+
*/
|
|
127
|
+
const ClaimsRequestKeys = {
|
|
128
|
+
ACCESS_TOKEN: "access_token",
|
|
129
|
+
XMS_CC: "xms_cc",
|
|
130
|
+
};
|
|
131
|
+
/**
|
|
132
|
+
* we considered making this "enum" in the request instead of string, however it looks like the allowed list of
|
|
133
|
+
* prompt values kept changing over past couple of years. There are some undocumented prompt values for some
|
|
134
|
+
* internal partners too, hence the choice of generic "string" type instead of the "enum"
|
|
135
|
+
*/
|
|
136
|
+
const PromptValue = {
|
|
137
|
+
LOGIN: "login",
|
|
138
|
+
SELECT_ACCOUNT: "select_account",
|
|
139
|
+
CONSENT: "consent",
|
|
140
|
+
NONE: "none",
|
|
141
|
+
CREATE: "create",
|
|
142
|
+
NO_SESSION: "no_session",
|
|
143
|
+
};
|
|
144
|
+
/**
|
|
145
|
+
* allowed values for codeVerifier
|
|
146
|
+
*/
|
|
147
|
+
const CodeChallengeMethodValues = {
|
|
148
|
+
PLAIN: "plain",
|
|
149
|
+
S256: "S256",
|
|
150
|
+
};
|
|
151
|
+
/**
|
|
152
|
+
* allowed values for server response type
|
|
153
|
+
*/
|
|
154
|
+
const ServerResponseType = {
|
|
155
|
+
QUERY: "query",
|
|
156
|
+
FRAGMENT: "fragment",
|
|
157
|
+
};
|
|
158
|
+
/**
|
|
159
|
+
* allowed values for response_mode
|
|
160
|
+
*/
|
|
161
|
+
const ResponseMode = {
|
|
162
|
+
...ServerResponseType,
|
|
163
|
+
FORM_POST: "form_post",
|
|
164
|
+
};
|
|
165
|
+
/**
|
|
166
|
+
* allowed grant_type
|
|
167
|
+
*/
|
|
168
|
+
const GrantType = {
|
|
169
|
+
IMPLICIT_GRANT: "implicit",
|
|
170
|
+
AUTHORIZATION_CODE_GRANT: "authorization_code",
|
|
171
|
+
CLIENT_CREDENTIALS_GRANT: "client_credentials",
|
|
172
|
+
RESOURCE_OWNER_PASSWORD_GRANT: "password",
|
|
173
|
+
REFRESH_TOKEN_GRANT: "refresh_token",
|
|
174
|
+
DEVICE_CODE_GRANT: "device_code",
|
|
175
|
+
JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
|
|
176
|
+
};
|
|
177
|
+
/**
|
|
178
|
+
* Account types in Cache
|
|
179
|
+
*/
|
|
180
|
+
const CacheAccountType = {
|
|
181
|
+
MSSTS_ACCOUNT_TYPE: "MSSTS",
|
|
182
|
+
ADFS_ACCOUNT_TYPE: "ADFS",
|
|
183
|
+
MSAV1_ACCOUNT_TYPE: "MSA",
|
|
184
|
+
GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
|
|
185
|
+
};
|
|
186
|
+
/**
|
|
187
|
+
* Separators used in cache
|
|
188
|
+
*/
|
|
189
|
+
const Separators = {
|
|
190
|
+
CACHE_KEY_SEPARATOR: "-",
|
|
191
|
+
CLIENT_INFO_SEPARATOR: ".",
|
|
192
|
+
};
|
|
193
|
+
/**
|
|
194
|
+
* Credential Type stored in the cache
|
|
195
|
+
*/
|
|
196
|
+
const CredentialType = {
|
|
197
|
+
ID_TOKEN: "IdToken",
|
|
198
|
+
ACCESS_TOKEN: "AccessToken",
|
|
199
|
+
ACCESS_TOKEN_WITH_AUTH_SCHEME: "AccessToken_With_AuthScheme",
|
|
200
|
+
REFRESH_TOKEN: "RefreshToken",
|
|
201
|
+
};
|
|
202
|
+
/**
|
|
203
|
+
* Combine all cache types
|
|
204
|
+
*/
|
|
205
|
+
const CacheType = {
|
|
206
|
+
ADFS: 1001,
|
|
207
|
+
MSA: 1002,
|
|
208
|
+
MSSTS: 1003,
|
|
209
|
+
GENERIC: 1004,
|
|
210
|
+
ACCESS_TOKEN: 2001,
|
|
211
|
+
REFRESH_TOKEN: 2002,
|
|
212
|
+
ID_TOKEN: 2003,
|
|
213
|
+
APP_METADATA: 3001,
|
|
214
|
+
UNDEFINED: 9999,
|
|
215
|
+
};
|
|
216
|
+
/**
|
|
217
|
+
* More Cache related constants
|
|
218
|
+
*/
|
|
219
|
+
const APP_METADATA = "appmetadata";
|
|
220
|
+
const CLIENT_INFO = "client_info";
|
|
221
|
+
const THE_FAMILY_ID = "1";
|
|
222
|
+
const AUTHORITY_METADATA_CONSTANTS = {
|
|
223
|
+
CACHE_KEY: "authority-metadata",
|
|
224
|
+
REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours
|
|
225
|
+
};
|
|
226
|
+
const AuthorityMetadataSource = {
|
|
227
|
+
CONFIG: "config",
|
|
228
|
+
CACHE: "cache",
|
|
229
|
+
NETWORK: "network",
|
|
230
|
+
HARDCODED_VALUES: "hardcoded_values",
|
|
231
|
+
};
|
|
232
|
+
const SERVER_TELEM_CONSTANTS = {
|
|
233
|
+
SCHEMA_VERSION: 5,
|
|
234
|
+
MAX_CUR_HEADER_BYTES: 80,
|
|
235
|
+
MAX_LAST_HEADER_BYTES: 330,
|
|
236
|
+
MAX_CACHED_ERRORS: 50,
|
|
237
|
+
CACHE_KEY: "server-telemetry",
|
|
238
|
+
CATEGORY_SEPARATOR: "|",
|
|
239
|
+
VALUE_SEPARATOR: ",",
|
|
240
|
+
OVERFLOW_TRUE: "1",
|
|
241
|
+
OVERFLOW_FALSE: "0",
|
|
242
|
+
UNKNOWN_ERROR: "unknown_error",
|
|
243
|
+
};
|
|
244
|
+
/**
|
|
245
|
+
* Type of the authentication request
|
|
246
|
+
*/
|
|
247
|
+
const AuthenticationScheme = {
|
|
248
|
+
BEARER: "Bearer",
|
|
249
|
+
POP: "pop",
|
|
250
|
+
SSH: "ssh-cert",
|
|
251
|
+
};
|
|
252
|
+
/**
|
|
253
|
+
* Constants related to throttling
|
|
254
|
+
*/
|
|
255
|
+
const ThrottlingConstants = {
|
|
256
|
+
// Default time to throttle RequestThumbprint in seconds
|
|
257
|
+
DEFAULT_THROTTLE_TIME_SECONDS: 60,
|
|
258
|
+
// Default maximum time to throttle in seconds, overrides what the server sends back
|
|
259
|
+
DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,
|
|
260
|
+
// Prefix for storing throttling entries
|
|
261
|
+
THROTTLING_PREFIX: "throttling",
|
|
262
|
+
// Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling
|
|
263
|
+
X_MS_LIB_CAPABILITY_VALUE: "retry-after, h429",
|
|
264
|
+
};
|
|
265
|
+
const Errors = {
|
|
266
|
+
INVALID_GRANT_ERROR: "invalid_grant",
|
|
267
|
+
CLIENT_MISMATCH_ERROR: "client_mismatch",
|
|
268
|
+
};
|
|
269
|
+
/**
|
|
270
|
+
* Password grant parameters
|
|
271
|
+
*/
|
|
272
|
+
const PasswordGrantConstants = {
|
|
273
|
+
username: "username",
|
|
274
|
+
password: "password",
|
|
275
|
+
};
|
|
276
|
+
/**
|
|
277
|
+
* Response codes
|
|
278
|
+
*/
|
|
279
|
+
const ResponseCodes = {
|
|
280
|
+
httpSuccess: 200,
|
|
281
|
+
httpBadRequest: 400,
|
|
282
|
+
};
|
|
283
|
+
/**
|
|
284
|
+
* Region Discovery Sources
|
|
285
|
+
*/
|
|
286
|
+
const RegionDiscoverySources = {
|
|
287
|
+
FAILED_AUTO_DETECTION: "1",
|
|
288
|
+
INTERNAL_CACHE: "2",
|
|
289
|
+
ENVIRONMENT_VARIABLE: "3",
|
|
290
|
+
IMDS: "4",
|
|
291
|
+
};
|
|
292
|
+
/**
|
|
293
|
+
* Region Discovery Outcomes
|
|
294
|
+
*/
|
|
295
|
+
const RegionDiscoveryOutcomes = {
|
|
296
|
+
CONFIGURED_MATCHES_DETECTED: "1",
|
|
297
|
+
CONFIGURED_NO_AUTO_DETECTION: "2",
|
|
298
|
+
CONFIGURED_NOT_DETECTED: "3",
|
|
299
|
+
AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
|
|
300
|
+
AUTO_DETECTION_REQUESTED_FAILED: "5",
|
|
301
|
+
};
|
|
302
|
+
/**
|
|
303
|
+
* Specifies the reason for fetching the access token from the identity provider
|
|
304
|
+
*/
|
|
305
|
+
const CacheOutcome = {
|
|
306
|
+
// When a token is found in the cache or the cache is not supposed to be hit when making the request
|
|
307
|
+
NOT_APPLICABLE: "0",
|
|
308
|
+
// When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested
|
|
309
|
+
FORCE_REFRESH_OR_CLAIMS: "1",
|
|
310
|
+
// When the token request goes to the identity provider because no cached access token exists
|
|
311
|
+
NO_CACHED_ACCESS_TOKEN: "2",
|
|
312
|
+
// When the token request goes to the identity provider because cached access token expired
|
|
313
|
+
CACHED_ACCESS_TOKEN_EXPIRED: "3",
|
|
314
|
+
// When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed
|
|
315
|
+
PROACTIVELY_REFRESHED: "4",
|
|
316
|
+
};
|
|
317
|
+
const JsonWebTokenTypes = {
|
|
318
|
+
Jwt: "JWT",
|
|
319
|
+
Jwk: "JWK",
|
|
320
|
+
Pop: "pop",
|
|
321
|
+
};
|
|
322
|
+
const ONE_DAY_IN_MS = 86400000;
|
|
323
|
+
// Token renewal offset default in seconds
|
|
324
324
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
325
325
|
|
|
326
326
|
export { AADAuthorityConstants, APP_METADATA, AUTHORITY_METADATA_CONSTANTS, AuthenticationScheme, AuthorityMetadataSource, CLIENT_INFO, CacheAccountType, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, Constants, CredentialType, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, Errors, GrantType, HeaderNames, HttpStatus, JsonWebTokenTypes, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, PasswordGrantConstants, PersistentCacheKeys, PromptValue, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseCodes, ResponseMode, SERVER_TELEM_CONSTANTS, Separators, ServerResponseType, THE_FAMILY_ID, ThrottlingConstants };
|